<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Anybody has an idea about why the nova
metadata server rejects the VM requests?<br>
<br>
<br>
<br>
Le 26/04/2013 15:58, Michaël Van de Borne a écrit :<br>
</div>
<blockquote cite="mid:517A8818.2080404@cetic.be" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
Hi there,<br>
<br>
I've installed Grizzly on 3 servers:<br>
compute (howard)<br>
controller (leonard)<br>
network (rajesh)).<br>
<br>
Namespaces are ON<br>
Overlapping IPs are ON<br>
<br>
When booting, my VMs can reach the metadata server (on the
controller node), but it responds a "500 Internal Server Error"<br>
<br>
<b>Here is the error from the log of nova-api:</b><br>
2013-04-26 15:35:28.149 19902 INFO nova.metadata.wsgi.server [-]
(19902) accepted ('192.168.202.105', 54871)<br>
<br>
2013-04-26 15:35:28.346 ERROR nova.network.quantumv2
[req-52ffc3ae-a15e-4bf4-813c-6596618eb430 None None]
_get_auth_token() failed<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2
Traceback (most recent call last):<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2 File
"/usr/lib/python2.7/dist-packages/nova/network/quantumv2/__init__.py",
line 40, in _get_auth_token<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2
httpclient.authenticate()<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2 File
"/usr/lib/python2.7/dist-packages/quantumclient/client.py", line
193, in authenticate<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2
content_type="application/json")<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2 File
"/usr/lib/python2.7/dist-packages/quantumclient/client.py", line
131, in _cs_request<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2
raise exceptions.Unauthorized(message=body)<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2
Unauthorized: {"error": {"message": "The request you have made
requires authentication.", "code": 401, "title": "Not
Authorized"}}<br>
2013-04-26 15:35:28.346 19902 TRACE nova.network.quantumv2 <br>
2013-04-26 15:35:28.347 ERROR nova.api.metadata.handler
[req-52ffc3ae-a15e-4bf4-813c-6596618eb430 None None] Failed to get
metadata for instance id: 05141f81-04cc-4493-86da-d2c05fd8a2f9<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
Traceback (most recent call last):<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/api/metadata/handler.py",
line 179, in _handle_instance_id_request<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
remote_address)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/api/metadata/handler.py",
line 90, in get_metadata_by_instance_id<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
instance_id, address)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File "/usr/lib/python2.7/dist-packages/nova/api/metadata/base.py",
line 417, in get_metadata_by_instance_id<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
return InstanceMetadata(instance, address)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File "/usr/lib/python2.7/dist-packages/nova/api/metadata/base.py",
line 143, in __init__<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
conductor_api=capi)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/network/quantumv2/api.py",
line 359, in get_instance_nw_info<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
result = self._get_instance_nw_info(context, instance, networks)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/network/quantumv2/api.py",
line 367, in _get_instance_nw_info<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
nw_info = self._build_network_info_model(context, instance,
networks)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/network/quantumv2/api.py",
line 777, in _build_network_info_model<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
client = quantumv2.get_client(context, admin=True)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/network/quantumv2/__init__.py",
line 67, in get_client<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
return _get_client(token=token)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/network/quantumv2/__init__.py",
line 49, in _get_client<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
token = _get_auth_token()<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/network/quantumv2/__init__.py",
line 43, in _get_auth_token<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
LOG.exception(_("_get_auth_token() failed"))<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
self.gen.next()<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File
"/usr/lib/python2.7/dist-packages/nova/network/quantumv2/__init__.py",
line 40, in _get_auth_token<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
httpclient.authenticate()<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File "/usr/lib/python2.7/dist-packages/quantumclient/client.py",
line 193, in authenticate<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
content_type="application/json")<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
File "/usr/lib/python2.7/dist-packages/quantumclient/client.py",
line 131, in _cs_request<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
raise exceptions.Unauthorized(message=body)<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler
Unauthorized: {"error": {"message": "The request you have made
requires authentication.", "code": 401, "title": "Not
Authorized"}}<br>
2013-04-26 15:35:28.347 19902 TRACE nova.api.metadata.handler <br>
2013-04-26 15:35:28.349 19902 INFO nova.api.ec2 [-] 0.198106s
192.168.202.105 GET /2009-04-04/meta-data/instance-id None:None
500 [Python-httplib2/0.7.2 (gzip)] text/plain text/plain<br>
2013-04-26 15:35:28.349 19902 INFO nova.metadata.wsgi.server [-]
10.0.0.4,192.168.202.105 "GET /2009-04-04/meta-data/instance-id
HTTP/1.1" status: 500 len: 229 time: 0.1988521<br>
<br>
<br>
<b>On the network node, here is the config file for metadata
agent:</b><br>
root@rajesh:/var/log/quantum# cat /etc/quantum/metadata_agent.ini
<br>
[DEFAULT]<br>
debug = True<br>
auth_url = <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://192.168.203.103:35357/v2.0">http://192.168.203.103:35357/v2.0</a><br>
auth_region = RegionOne<br>
admin_tenant_name = service<br>
admin_user = quantum<br>
admin_password = grizzly<br>
nova_metadata_ip = 192.168.202.103<br>
nova_metadata_port = 8775<br>
metadata_proxy_shared_secret = grizzly<br>
<br>
<br>
<b>Here are the metadata keys from the nova.conf of the controller
node:</b><br>
service_quantum_metadata_proxy=true<br>
quantum_metadata_proxy_shared_secret=grizzly<br>
<br>
<br>
<b>I tried to curl the controller node like this:</b><br>
root@leonard:~# curl -H "x-instance-id:
05141f81-04cc-4493-86da-d2c05fd8a2f9" -H "x-instance-id-signature:
1de544a5fc4c1b8d5fb37441bf4c1360ab63336b58dfb3f4b78d290c5268b4e5"
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://192.168.202.103:8775/2009-04-04/meta-data/instance-id">http://192.168.202.103:8775/2009-04-04/meta-data/instance-id</a><br>
<html><br>
<head><br>
<title>500 Internal Server Error</title><br>
</head><br>
<body><br>
<h1>500 Internal Server Error</h1><br>
An unknown error has occurred. Please try your request
again.<br /><br /><br>
<br>
<br>
<br>
<b>I should add that the quantum-ns-proxy log file on the network
node remains empty.</b><br>
<br>
<br>
<br>
<b>Here is the metadata </b><b>agent log:</b><br>
2013-04-26 15:37:16 WARNING [quantum.agent.metadata.agent] Remote
metadata server experienced an internal server error.<br>
<br>
<br>
any clue why the request to metadata server cannot be authorized?<br>
<br>
<br>
thanks,<br>
<br>
yours,<br>
<br>
mike<br>
<br>
<br>
<pre class="moz-signature" cols="72">
--
Michaël Van de Borne
R&D Engineer, SOA team, CETIC
Phone: +32 (0)71 49 07 45 Mobile: +32 (0)472 69 57 16, Skype: mikemowgli
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="http://www.cetic.be">www.cetic.be</a>, rue des Frères Wright, 29/3, B-6041 Charleroi
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Mailing list: <a class="moz-txt-link-freetext" href="https://launchpad.net/~openstack">https://launchpad.net/~openstack</a>
Post to : <a class="moz-txt-link-abbreviated" href="mailto:openstack@lists.launchpad.net">openstack@lists.launchpad.net</a>
Unsubscribe : <a class="moz-txt-link-freetext" href="https://launchpad.net/~openstack">https://launchpad.net/~openstack</a>
More help : <a class="moz-txt-link-freetext" href="https://help.launchpad.net/ListHelp">https://help.launchpad.net/ListHelp</a>
</pre>
</blockquote>
<br>
</body>
</html>