[Openstack] cloud-init on SL6 unable to access metadata server

Justin Chiu j.chiu at cern.ch
Mon Jun 3 17:57:54 UTC 2013


On 2013-06-03 10:28 AM, George Mihaiescu wrote:
> Try manually removing the route to 169.254.0.0 from inside the instance: route del -net 169.254.0.0/16 dev eth0
>
> And then test again with "curl -m 10 -s http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key"
curl could not connect to host. Interestingly, I can ping to 
169.254.169.254 (from within the instance)...
>
>
> -----Original Message-----
> From: Openstack [mailto:openstack-bounces+george.mihaiescu=q9.com at lists.launchpad.net] On Behalf Of Justin Chiu
> Sent: Monday, June 03, 2013 1:12 PM
> To: openstack at lists.launchpad.net
> Subject: [Openstack] cloud-init on SL6 unable to access metadata server
>
> Hi all,
>
> I am having some issues with cloud-init being unable to contact the
> metadata server. cloud-init built into a base Scientific Linux 6.4 image
> with Oz. Any ideas on what might be the cause?
>
> Starting cloud-init: ci-info: lo    : 1 127.0.0.1 255.0.0.0       .
>
> ci-info: eth0  : 1 10.0.100.3      255.255.255.0   fa:16:3e:00:55:b3
>
> ci-info: route-0: 10.0.100.0      0.0.0.0         255.255.255.0 eth0   U
>
> ci-info: route-1: 169.254.0.0     0.0.0.0         255.255.0.0 eth0   U
>
> ci-info: route-2: 0.0.0.0         10.0.100.1      0.0.0.0 eth0   UG
>
> cloud-init start running: Fri, 31 May 2013 21:33:13 +0000. up 16.56 seconds
> DataSourceEc2.py[WARNING]:
> 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed
> [50/120s]: url error [timed out]
> ...
> DataSourceEc2.py[WARNING]:
> 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed
> [119/120s]: url error [timed out]
> DataSourceEc2.py[CRITICAL]: giving up on md after 120 seconds
>
>   From within the VM, I can ping 169.254.169.254 but curl
> http://169.254.169.254 produces no output.
>
> cloud-init starts up successfully from Ubuntu Cloud images, gets
> metadata OK. curl http://169.254.169.254 produces the correct output
> (metadata/ 2009.../ etc...)
>
> iptables -L -n -t nat output of the controller+compute node:
> Chain nova-network-PREROUTING (1 references)
> target     prot opt source               destination
> DNAT       tcp  --  0.0.0.0/0            169.254.169.254     tcp dpt:80
> to:a.b.c.8:8775
>
> Openstack specs: Folsom 2012.2.4-1 release from EPEL 6, installed on two
> SL6.4 base installs. One cloud controller+compute node and the other
> purely compute node. FlatDHCP, eth0 public, eth1 flat (both eth1 of each
> node are connected via a switch, independent from eth0).
>
> nova.conf on controller+compute node (IP a.b.c.8 and hostname t1-pps05):
>
> [DEFAULT]
> logdir = /var/log/nova
> state_path = /var/lib/nova
> lock_path = /var/lib/nova/tmp
> volumes_dir = /etc/nova/volumes
> dhcpbridge = /usr/bin/nova-dhcpbridge
> dhcpbridge_flagfile = /etc/nova/nova.conf
> force_dhcp_release = True
> injected_network_template = /usr/share/nova/interfaces.template
> libvirt_nonblocking = True
> libvirt_inject_partition = -1
> network_manager = nova.network.manager.FlatDHCPManager
> iscsi_helper = tgtadm
> sql_connection = mysql://nova:XXX@t1-pps05/nova
> compute_driver = libvirt.LibvirtDriver
> firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
> rpc_backend = nova.openstack.common.rpc.impl_qpid
> rootwrap_config = /etc/nova/rootwrap.conf
> flat_interface = eth1
> public_interface = eth0
> volume_api_class = nova.volume.cinder.API
> enabled_apis = ec2,osapi_compute,metadata
> auth_strategy = keystone
>
> my_ip = a.b.c.8
> fixed_range = 10.0.100.0/24
> flat_network_bridge = br100
> flat_injected = False
> novncproxy_host = 0.0.0.0
> novncproxy_port = 6080
> novncproxy_base_url = http://t1-pps05:6080/vnc_auto.html
> vnc_enabled = True
> vncserver_listen = a.b.c.8
> vncserver_proxyclient_address = a.b.c.8
>
> [keystone_authtoken]
> admin_tenant_name = admin
> admin_user = admin
> admin_password = XXX
> auth_host = t1-pps05
> auth_port = 35357
> auth_protocol = http
> signing_dir = /tmp/keystone-signing-nova
>
> nova.conf on compute only node (a.b.c.9, t1-pps06):
>
> [DEFAULT]
> logdir = /var/log/nova
> state_path = /var/lib/nova
> lock_path = /var/lib/nova/tmp
> volumes_dir = /etc/nova/volumes
> dhcpbridge = /usr/bin/nova-dhcpbridge
> dhcpbridge_flagfile = /etc/nova/nova.conf
> force_dhcp_release = True
> injected_network_template = /usr/share/nova/interfaces.template
> libvirt_nonblocking = True
> libvirt_inject_partition = -1
> network_manager = nova.network.manager.FlatDHCPManager
> iscsi_helper = tgtadm
> sql_connection = mysql://nova:XXX@t1-pps05/nova
> compute_driver = libvirt.LibvirtDriver
> firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
> rpc_backend = nova.openstack.common.rpc.impl_qpid
> rootwrap_config = /etc/nova/rootwrap.conf
> flat_interface = eth1
> public_interface = eth0
> volume_api_class = nova.volume.cinder.API
> enabled_apis = ec2,osapi_compute,metadata
> auth_strategy = keystone
>
> my_ip = a.b.c.9
> fixed_range = 10.0.100.0/24
> flat_network_bridge = br100
> flat_injected = False
> novncproxy_host = 0.0.0.0
> novncproxy_port = 6080
> novncproxy_base_url = http://t1-pps06:6080/vnc_auto.html
> vnc_enabled = True
> vncserver_listen = a.b.c.9
> vncserver_proxyclient_address = a.b.c.9
>
> s3_host = a.b.c.8
> ec2_host = a.b.c.8
> qpid_hostname = a.b.c.8
> metadata_host = a.b.c.8
> ec2_dmz_host = a.b.c.8
>
> image_service=nova.image.glance.GlanceImageService
> glance_api_servers=a.b.c.8:9292
>
> [keystone_authtoken]
> admin_tenant_name = admin
> admin_user = admin
> admin_password = XXX
> auth_host = t1-pps05
> auth_port = 35357
> auth_protocol = http
> signing_dir = /tmp/keystone-signing-nova
>
> Image specs: Built with oz-0.10.0-2.el6.noarch from SL6.4 x86_64 DVD
> ISO, very basic kickstart, cloud-init install specified in template TDL
> file. Virt-sysprep then added to Glance.
>
> Kickstart:
> install
> text
> keyboard us
> lang en_US.UTF-8
> skipx
> network --onboot yes --device eth0 --bootproto dhcp
> rootpw XXX
> logging --level=info
> firewall --disabled
> authconfig --enableshadow --enablemd5
> selinux --disabled
> timezone --utc America/Vancouver
> bootloader --location=mbr --append="console=tty0 console=ttyS0,115200"
> zerombr yes
> clearpart --all
>
> part /boot --fstype ext4 --size=200
> part pv.2 --size=1 --grow
> volgroup VolGroup00 --pesize=32768 pv.2
> logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=768
> --grow --maxsize=1536
> logvol / --fstype ext4 --name=LogVol00 --vgname=VolGroup00 --size=1024
> --grow
> reboot
>
> %packages
> @base
>
> %post
>
> Template TDL:
> <template>
>     <name>sl64wrepo_onbootnet_x86_64</name>
>     <disk>
>       <size>2</size>
>     </disk>
>     <os>
>       <name>SL-6</name>
>       <version>4</version>
>       <arch>x86_64</arch>
>       <install type='iso'>
> <iso>file:///mnt/scratch/SL-64-x86_64-2013-03-18-Install-DVD.iso</iso>
>       </install>
>     </os>
>     <description>SL 6.4wrepoonbootnet template</description>
>     <repositories>
>       <repository name='epel-6'>
> <url>http://download.fedoraproject.org/pub/epel/6/x86_64</url>
>         <signed>False</signed>
>         <persisted>True</persisted>
>       </repository>
>     </repositories>
>     <packages>
>       <package name='cloud-init'/>
>     </packages>
> </template>
>
> --
> Justin Chiu    TRIUMF
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp





More information about the Openstack mailing list