[Openstack] problem ssh-ing into vms
Vishvananda Ishaya
vishvananda at gmail.com
Wed Mar 28 17:01:19 UTC 2012
On Mar 28, 2012, at 8:01 AM, Pierre Amadio wrote:
> Was my assumption wrong or is there something special to do to have the
> metadata service available without running nova-api ?
You can run the metadata service by itself using bin/nova-api-metadata. For performance reasons, I prefer this option.
Alternatively you can leave it running on the api node but you have to make sure config is set on your compute and network hosts to tell the system where to forward to. You do this via a config option in nova.conf
###### (StrOpt) the ip for the metadata api server
# metadata_host="$my_ip"
Also you have to make sure that packets are not snatted when they leave the network host if they are going to the metadata server. You can do this via a config option as well:
###### (StrOpt) dmz range that should be accepted
# dmz_cidr="10.128.0.0/24"
So setting the following:
metadata_host=<api_ip>
dmz_cidr=<api_ip>/32
should work with nova-api running separately
More information about the Openstack
mailing list