[queens]neutron][metadata] configuration
Hello everyone, in my installation of Queees I am using many provider networks. I don't use openstack router but only dhcp. I would like my instances to reach the metadata agent without the 169.154.169.254 route, so I would like the provider networks to directly reach the metadata agent on the internal api vip. How can I get this configuration? Thank you Ignazio
Hi, In case of such isolated networks, You can configure neutron to serve metadata in dhcp namespace and that it will set route to 169.254.169.254 via dhcp port’s IP address. Please check config options: [1] and [2] [1] https://docs.openstack.org/neutron/latest/configuration/dhcp-agent.html#DEFA... [2] https://docs.openstack.org/neutron/latest/configuration/dhcp-agent.html#DEFA...
On 13 Feb 2020, at 11:19, Ignazio Cassano <ignaziocassano@gmail.com> wrote:
Hello everyone, in my installation of Queees I am using many provider networks. I don't use openstack router but only dhcp. I would like my instances to reach the metadata agent without the 169.154.169.254 route, so I would like the provider networks to directly reach the metadata agent on the internal api vip. How can I get this configuration? Thank you Ignazio
— Slawek Kaplonski Senior software engineer Red Hat
Hello Slawek, I do not want to use metadata in dhcp namespace. It forces option 121 and I receive all subnet routes on my instances. If I use more than 10 subnets on same vlan , it does not work because I do not receive the 169.254.169.254 routing tables due to the following error: dnsmasq-dhcp[52165]: cannot send DHCP/BOOTP option 121: no space left in packet Ignazio Il giorno gio 13 feb 2020 alle ore 11:39 Slawek Kaplonski < skaplons@redhat.com> ha scritto:
Hi,
In case of such isolated networks, You can configure neutron to serve metadata in dhcp namespace and that it will set route to 169.254.169.254 via dhcp port’s IP address. Please check config options: [1] and [2]
[1] https://docs.openstack.org/neutron/latest/configuration/dhcp-agent.html#DEFA... [2] https://docs.openstack.org/neutron/latest/configuration/dhcp-agent.html#DEFA...
On 13 Feb 2020, at 11:19, Ignazio Cassano <ignaziocassano@gmail.com> wrote:
Hello everyone, in my installation of Queees I am using many provider networks. I don't use openstack router but only dhcp. I would like my instances to reach the metadata agent without the 169.154.169.254 route, so I would like the provider networks to directly reach the metadata agent on the internal api vip. How can I get this configuration? Thank you Ignazio
— Slawek Kaplonski Senior software engineer Red Hat
On 2020-02-13 11:19:06 +0100 (+0100), Ignazio Cassano wrote:
Hello everyone, in my installation of Queees I am using many provider networks. I don't use openstack router but only dhcp. I would like my instances to reach the metadata agent without the 169.154.169.254 route, so I would like the provider networks to directly reach the metadata agent on the internal api vip. How can I get this configuration?
Have you tried using configdrive instead of the metadata service? It's generally more reliable. The main downside is that it doesn't change while the instance is running, so if you're wanting to use this to update routes for active instances between reboots then I suppose it wouldn't solve your problem. -- Jeremy Stanley
We are going to try it. Ignazio Il giorno gio 13 feb 2020 alle ore 14:16 Jeremy Stanley <fungi@yuggoth.org> ha scritto:
On 2020-02-13 11:19:06 +0100 (+0100), Ignazio Cassano wrote:
Hello everyone, in my installation of Queees I am using many provider networks. I don't use openstack router but only dhcp. I would like my instances to reach the metadata agent without the 169.154.169.254 route, so I would like the provider networks to directly reach the metadata agent on the internal api vip. How can I get this configuration?
Have you tried using configdrive instead of the metadata service? It's generally more reliable. The main downside is that it doesn't change while the instance is running, so if you're wanting to use this to update routes for active instances between reboots then I suppose it wouldn't solve your problem. -- Jeremy Stanley
Hello, config drive is the best solution for our situation. Thanks Ignazio Il giorno gio 13 feb 2020 alle ore 14:16 Jeremy Stanley <fungi@yuggoth.org> ha scritto:
On 2020-02-13 11:19:06 +0100 (+0100), Ignazio Cassano wrote:
Hello everyone, in my installation of Queees I am using many provider networks. I don't use openstack router but only dhcp. I would like my instances to reach the metadata agent without the 169.154.169.254 route, so I would like the provider networks to directly reach the metadata agent on the internal api vip. How can I get this configuration?
Have you tried using configdrive instead of the metadata service? It's generally more reliable. The main downside is that it doesn't change while the instance is running, so if you're wanting to use this to update routes for active instances between reboots then I suppose it wouldn't solve your problem. -- Jeremy Stanley
Hi Jeremy, on ubuntu works if in disk rimane builder we use the variabile DIB_CLOUD_INIT_DATASOURCES with value ConfigDrive Ignazio Il Gio 13 Feb 2020, 16:31 Ignazio Cassano <ignaziocassano@gmail.com> ha scritto:
Hello, config drive is the best solution for our situation. Thanks Ignazio
Il giorno gio 13 feb 2020 alle ore 14:16 Jeremy Stanley <fungi@yuggoth.org> ha scritto:
On 2020-02-13 11:19:06 +0100 (+0100), Ignazio Cassano wrote:
Hello everyone, in my installation of Queees I am using many provider networks. I don't use openstack router but only dhcp. I would like my instances to reach the metadata agent without the 169.154.169.254 route, so I would like the provider networks to directly reach the metadata agent on the internal api vip. How can I get this configuration?
Have you tried using configdrive instead of the metadata service? It's generally more reliable. The main downside is that it doesn't change while the instance is running, so if you're wanting to use this to update routes for active instances between reboots then I suppose it wouldn't solve your problem. -- Jeremy Stanley
Hello Jeremy, I disabled isolate metadata in dhcp agent an configura config drive. It works fine with centos 7 but it does not with ubuntu 18. On ubuntu 18 cloud init tries ti contact metadata on 169.254.169.254 and does not object ssh keys :-( Ignazio Il Gio 13 Feb 2020, 14:16 Jeremy Stanley <fungi@yuggoth.org> ha scritto:
On 2020-02-13 11:19:06 +0100 (+0100), Ignazio Cassano wrote:
Hello everyone, in my installation of Queees I am using many provider networks. I don't use openstack router but only dhcp. I would like my instances to reach the metadata agent without the 169.154.169.254 route, so I would like the provider networks to directly reach the metadata agent on the internal api vip. How can I get this configuration?
Have you tried using configdrive instead of the metadata service? It's generally more reliable. The main downside is that it doesn't change while the instance is running, so if you're wanting to use this to update routes for active instances between reboots then I suppose it wouldn't solve your problem. -- Jeremy Stanley
participants (3)
-
Ignazio Cassano
-
Jeremy Stanley
-
Slawek Kaplonski