[Openstack] VMs not able to contact metadata service

Mark McClain mark.mcclain at dreamhost.com
Thu Jan 3 17:54:55 UTC 2013


Will-

The metadata service in Folsom will only work when overlapping IP ranges are disabled (see: http://docs.openstack.org/trunk/openstack-network/admin/content/ch_limitations.html).  For Grizzly, we have added metadata service for overlapping networks.  This feature is currently available in devstack when you enable the q-meta service.

mark
 
On Jan 2, 2013, at 11:10 PM, Willard Dennis <wdennis at nec-labs.com> wrote:

> Hello all,
> 
> I am running Folsom with Quantum v2, via Devstack. Am trying to use Ubuntu UEC image to spawn VMs, but when the VM instance boots, it is not able to contact the metadata server in order to (among other things) inject the public key needed in order for me to be able to SSH into the instance. See http://paste.openstack.org/show/28764/ for a log snippet if needed.
> 
> Following the (incorrect, bug reported) instructions found at http://docs.openstack.org/folsom/openstack-compute/admin/content/configuring-openstack-compute-basics.html#enabling-access-to-vms-on-the-compute-node (search for "If you want to use the 10.04 Ubuntu Enterprise Cloud images" to get to the instructions, and change the metadata port from the incorrect '8773' to the correct '8775') I added the rule into iptables, with no luckā€¦ I still cannot reach the metadata server at 169.254.169.254:80. When I dump the iptables rules for the 'nat' table, I see that my added rule is being hit, but it's still not working:
> 
> $ sudo iptables -t nat -L -v -n
> Chain PREROUTING (policy ACCEPT 982 packets, 159K bytes)
> pkts bytes target     prot opt in     out     source               destination         
>  210 27054 nova-compute-PREROUTING  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
>   17  1020 DNAT     tcp  --  *      *       0.0.0.0/0            169.254.169.254      tcp dpt:80 to:xxx.xx.xx.xx:8775   <<<<< (target IP addr redacted)
> 3078  520K nova-api-PREROUTING  all  --  *      *       0.0.0.0/0            0.0.0.0/0
> 
> I searched and found this thread from this list: http://www.mail-archive.com/openstack@lists.launchpad.net/msg16569.html
> Does this mean that the Nova metadata service cannot be used with Quantum when using multiple tenant networks (L3 arch)? (this is the model that Devstack implements in my setup)
> If the above is true, can I revert to another supported configuration (and kindly give me a pointer as to how?) 
> Finally, any plans to fix the metadata service so that it will work with Quantum's L3 service, and enable this out of the box with Devstack? (dare to dream :)
> 
> Thanks and regards,
> Will
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp





More information about the Openstack mailing list