<p dir="ltr">After spinning the instance up, did you try to do the curl thing from inside the instance. Try doing the the tcpdump with -l -a -e -I interface within the namespaces like qrouter, qdhcp. </p>
<p dir="ltr">Have your firewall disabled<br>
</p>
<div class="gmail_quote">On 24 Sep 2015 04:22, "The O.G." <<a href="mailto:theoriginalguru@gmail.com">theoriginalguru@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div><div><div><div><div><div>I've been following the install/setup directions here:<br><br><a href="http://docs.openstack.org/juno/install-guide/install/yum/content/ch_preface.html" target="_blank">http://docs.openstack.org/juno/install-guide/install/yum/content/ch_preface.html</a><br><br></div><div>and have completed steps 1-9.I have 3 nodes: controller[runs all the controller components, mariadb, rabbitmq], compute[runs compute, cinder, and swift services], and network[just neutron, and gateway to outside network].<br></div><br></div>I can launch an instance, get a DHCP IP address, login to the instance via console, and ping the outside world. So, it seems almost everything is working (had a lot of difficulty with neutron networking, but eventually figured it out and now works).<br><br></div>However, when the instance tries to contact the metadata service API at 169.254.169.254, I get no response. Within the instance, the ARP cache shows incomplete, so it's almost like nothing is servicing the metadata API.<br><br></div><div>Here's some stuff I did on the network node based on info I got from:<br><br><a href="https://ask.openstack.org/en/question/66516/instance-can-not-access-openstack-metadata-service/" target="_blank">https://ask.openstack.org/en/question/66516/instance-can-not-access-openstack-metadata-service/</a><br><br>root@network neutron]# ip netns list<br>qrouter-61e6eb07-a052-4248-925b-268f4f71765c<br>qdhcp-93fc034f-d010-4e89-aa01-ac8e563b5927<br><br>[root@network neutron]# ip netns exec qrouter-61e6eb07-a052-4248-925b-268f4f71765c iptables-save | grep -i redirect<br>-A neutron-l3-agent-PREROUTING -d <a href="http://169.254.169.254/32" target="_blank">169.254.169.254/32</a> -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697<br><br>[root@network neutron]# ip netns exec qrouter-61e6eb07-a052-4248-925b-268f4f71765c netstat -antp<br>Active Internet connections (servers and established)<br>Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name <br>tcp 0 0 <a href="http://0.0.0.0:9697" target="_blank">0.0.0.0:9697</a> 0.0.0.0:* LISTEN 1335/python <br><br>[root@network neutron]# ps -f --pid 1335 | fold -s -w 82<br>UID PID PPID C STIME TTY TIME CMD<br>root 1335 1 0 14:56 ? 00:00:00 /usr/bin/python <br>/bin/neutron-ns-metadata-proxy <br>--pid_file=/var/lib/neutron/external/pids/61e6eb07-a052-4248-925b-268f4f71765c.pid<br> --metadata_proxy_socket=/var/lib/neutron/metadata_proxy <br>--router_id=61e6eb07-a052-4248-925b-268f4f71765c --state_path=/var/lib/neutron <br>--metadata_port=9697 --verbose <br>--log-file=neutron-ns-metadata-proxy-61e6eb07-a052-4248-925b-268f4f71765c.log <br>--log-dir=/var/log/neutron<br><br>[root@network neutron]# ip netns exec qrouter-61e6eb07-a052-4248-925b-268f4f71765c curl <a href="http://169.254.169.254" target="_blank">http://169.254.169.254</a><br><br></div><div>At this point, I get no response from that curl command. It just hangs until I break out of it.<br><br></div><div>However, similar to the comment in the post above, I get a response in the qdhcp namespace:<br><br>[root@network neutron]# ip netns exec qdhcp-93fc034f-d010-4e89-aa01-ac8e563b5927 curl <a href="http://169.254.169.254" target="_blank">http://169.254.169.254</a><br>1.0<br>2007-01-19<br>2007-03-01<br>2007-08-29<br>2007-10-10<br>2007-12-15<br>2008-02-01<br>2008-09-01<br>2009-04-04<br><br></div><div></div>How do I further troubleshoot this? What does this mean? Do I have something severely misconfigured?<br><br></div>Also, going over the instructions, this is my understanding:<br><br></div>network node runs metadata_agent service, but points to nova_metadata_ip=controller. on the controller, I have service_metadata_proxy=true under [neutron] sub-section of nova.conf. I'm guessing this means that network/metadata_agent talks to the metadata_proxy on controller, but if this is a proxy, where is the actual metadata service running? And is there an additional step to configure that metadata service? I did not see anything like that in the install/setup instructions. Is my understanding even correct?<br><br></div>Can anyone please help?<br><br></div>Thanks,<br></div>TOG<br></div>
<br>_______________________________________________<br>
Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
Post to : <a href="mailto:openstack@lists.openstack.org">openstack@lists.openstack.org</a><br>
Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
<br></blockquote></div>