Open Stack

Thanks for that - the namspace thing is starting to make sense.
So I see this rule in there now:

Chain quantum-l3-agent-PREROUTING (1 references)
 pkts bytes target     prot opt in     out     source
destination
   62  3720 DNAT       tcp  --  *      *       0.0.0.0/0
169.254.169.254      tcp dpt:80 to:172.16.0.201:8775

But I never see a connection being made when I spin up an instance.  The
instance reports no route to host.


My environment is a single server (its a VM under VirtualBox) - am I
complicating things by having this as an all in one box - is the
use_namespace option adding to my woes and is this just a scenario that
doesn't make sense (although for someone investigating/learning OpenStack
these single instance environments have been valuable).

Cheers,
Kev


On 7 November 2012 18:21, Salvatore Orlando <sorlando at nicira.com> wrote:

> Kevin is correct; as your're running IP namespaces, you'll need to look
> for iptables in that namespace.
> The metadata settings however are visible in the log extract you posted.
> It seems your metadata server is sitting at 172.16.0.201:8775
> I guess you've already ensured that endpoint is reachable from the router
> (a wget execute in the router namespace will prove that).
>
> Also, metadata is one of those (few) features which in Quantum come with
> strings attached. You can find more info on this in the admin guide [1].
> The link to the page where metadata are discussed reported below, just in
> case you haven't already seen it.
>
> Salvatore
>
>
> [1]
> http://docs.openstack.org/trunk/openstack-network/admin/content/adv_cfg_l3_agent_metadata.html
>
> On 7 November 2012 19:00, Stephen Gran <stephen.gran at guardian.co.uk>wrote:
>
>> **
>> On Wed, 2012-11-07 at 16:02 +0000, Kevin Jackson wrote:
>>
>> Heyup good folk of OpenStack,
>> I'm having the same issue as Sina.  My configuration seems to look OK (I
>> have an instance, with IP that can ping its default route to on an internal
>> network) but I get the failure to contact the metadata server with the
>> explanation that Sina gave.
>>
>> In my /var/log/quantum/l3_agent.log I have the following:
>> http://paste.openstack.org/show/24801/
>> There's also a paste of an iptables output that I would've expected to
>> see the DNAT rules in.
>>
>> What am I missing?
>>
>>
>> You're not looking in the correct network namespace:
>>
>> ip netns exec qrouter-61245d6f-1195-4ca0-ba08-f0636f7d44c6 iptables -L -v
>> -t nat
>> ip netns exec qrouter-61245d6f-1195-4ca0-ba08-f0636f7d44c6 ip r
>>
>> Cheers,
>>
>> --
>> Stephen Gran
>> Senior Systems Integrator - guardian.co.uk
>>
>>   Please consider the environment before printing this email.
>> ------------------------------------------------------------------
>> Visit guardian.co.uk - website of the year
>>  www.guardian.co.uk    www.observer.co.uk     www.guardiannews.com
>>
>> On your mobile, visit m.guardian.co.uk or download the Guardian
>> iPhone app www.guardian.co.uk/iphone and iPad edition www.guardian.co.uk/iPad
>>
>> Save up to 37% by subscribing to the Guardian and Observer - choose the papers you want and get full digital access.
>> Visit guardian.co.uk/subscribe
>>
>> ---------------------------------------------------------------------
>> This e-mail and all attachments are confidential and may also
>> be privileged. If you are not the named recipient, please notify
>> the sender and delete the e-mail and all attachments immediately.
>> Do not disclose the contents to another person. You may not use
>> the information for any purpose, or store, or copy, it in any way.
>>
>> Guardian News & Media Limited is not liable for any computer
>> viruses or other material transmitted with or as part of this
>> e-mail. You should employ virus checking software.
>>
>> Guardian News & Media Limited
>>
>> A member of Guardian Media Group plc
>> Registered Office
>> PO Box 68164
>> Kings Place
>> 90 York Way
>> London
>> N1P 2AP
>>
>> Registered in England Number 908396
>>
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to     : openstack at lists.launchpad.net
>> Unsubscribe : https://launchpad.net/~openstack
>> More help   : https://help.launchpad.net/ListHelp
>>
>>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
Kevin Jackson
@itarchitectkev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20121108/2b3ec87b/attachment.html>