<div dir="ltr"><div>Neutron already offers a DNS server (within the DHCP namespace, I think). It does forward on non-local queries to an external DNS server, but it already serves local names for instances; we'd simply have to set one aside, or perhaps use one in a 'root' but nonlocal domain (metadata.openstack e.g.). In fact, this improves things slightly over the IPv4 metadata server: IPv4 metadata is usually reached via the router, whereas in ipv6 if we have a choice over addresses with can use a link local address (and any link local address will do; it's not an address that is 'magic' in some way, thanks to the wonder of service advertisement).<br><br></div>And per previous comments about 'Amazon owns this' - the current metadata service is a de facto standard, which Amazon initiated but is not owned by anybody, and it's not the only standard. If you'd like proof of the former, I believe our metadata service offers /openstack/ URLs, unlike Amazon (mirroring the /openstack/ files on the config drive); and on the latter, config-drive and Amazon-style metadata are only two of quite an assortment of data providers that cloud-init will query. If it makes you think of it differently, think of this as the *Openstack* ipv6 metadata service, and not the 'will-be-Amazon-one-day-maybe' service.<br><br><div class="gmail_extra"><br><div class="gmail_quote">On 8 September 2015 at 17:03, Clint Byrum <span dir="ltr"><<a href="mailto:clint@fewbar.com" target="_blank">clint@fewbar.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Neutron would add a soft router that only knows the route to the metadata<br>
service (and any other services you want your neutron private network vms<br>
to be able to reach). This is not unique to the metadata service. Heat,<br>
Trove, etc, all want this as a feature so that one can poke holes out of<br>
these private networks only to the places where the cloud operator has<br>
services running.<br>
<br>
Excerpts from Fox, Kevin M's message of 2015-09-08 14:44:35 -0700:<br>
<div class="HOEnZb"><div class="h5">> How does that work with neutron private networks?<br>
><br>
> Thanks,<br>
> Kevin<br>
> ________________________________________<br>
> From: Clint Byrum [<a href="mailto:clint@fewbar.com">clint@fewbar.com</a>]<br>
> Sent: Tuesday, September 08, 2015 1:35 PM<br>
> To: openstack-dev<br>
> Subject: Re: [openstack-dev] [Neutron] cloud-init IPv6 support<br>
><br>
> Excerpts from Nir Yechiel's message of 2014-07-07 09:15:09 -0700:<br>
> > AFAIK, the cloud-init metadata service can currently be accessed only by sending a request to <a href="http://169.254.169.254" rel="noreferrer" target="_blank">http://169.254.169.254</a>, and no IPv6 equivalent is currently implemented. Does anyone working on this or tried to address this before?<br>
> ><br>
><br>
> I'm not sure we'd want to carry the way metadata works forward now that<br>
> we have had some time to think about this.<br>
><br>
> We already have DHCP6 and NDP. Just use one of those, and set the host's<br>
> name to a nonce that it can use to lookup the endpoint for instance<br>
> differentiation via DNS SRV records. So if you were told you are<br>
><br>
> <a href="http://d02a684d-56ea-44bc-9eba-18d997b1d32d.region.cloud.com" rel="noreferrer" target="_blank">d02a684d-56ea-44bc-9eba-18d997b1d32d.region.cloud.com</a><br>
><br>
> Then you look that up as a SRV record on your configured DNS resolver,<br>
> and connect to the host name returned and do something like GET<br>
> /d02a684d-56ea-44bc-9eba-18d997b1d32d<br>
><br>
> And viola, metadata returns without any special link local thing, and<br>
> it works like any other dual stack application on the planet.<br>
><br>
<br>
__________________________________________________________________________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</div></div></blockquote></div><br></div></div>