Open Stack

On 29 October 2013 18:31, Bill Owen <billowen at us.ibm.com> wrote:
>
> No - looking at that now.
> Thanks,
> Bill Owen

Ok, so you're still on nova-network.

That means you don't have namespaced networks and don't need a
namespace-escaping metadata agent.

So what you should have is regular 'ip route' inspectable routing from
the hypervisor out to through to the network, and an iptables DNAT
rule picking up the 169.254.169.254 traffic.

Firstly, it looks like the default route the instance is picking up is
via 10.10.100.3, is that correct?

Secondly, on your hypervisor itself, please gather and attach the output from
iptables-save
ip route
ip address

[feel free to mask out any private info]

If 10.10.100.3 is the correct default route for the VM, and it's not
present on the hypervisor's ip address list, then it's probably your
nova network node, so can you log in to it and also gather
iptables-save
ip route
ip address
information.

What we're looking for in this info is the path a packet from the VM
going to 169.254.169.254 port 80 will take. Thats the magic IP address
for the metadata service.

It should intecepted somewhere on the default route out from the VM.

HTH,
Rob

-- 
Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Converged Cloud