openstack team mailing list archive

Thread
Date

Re: Problems accessing metadata service due to nova-network generated iptables rules

To: Lars Kellogg-Stedman <lars@xxxxxxxxxxxxxxxx>
From: Vishvananda Ishaya <vishvananda@xxxxxxxxx>
Date: Wed, 20 Jun 2012 15:29:12 -0700
Cc: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <20120620214401.GF2964@seas.harvard.edu>

Generally the suggestion is to not set metadata_host to 127.0.0.1, but to set it to the actual IP of the compute host.  Your code change seems reasonable however and I don't see any problem merging it if you propose it thorugh gerrit.

Vish

On Jun 20, 2012, at 2:44 PM, Lars Kellogg-Stedman wrote:

>>> Is the DNAT rule expected to work?  Does linux_net.py need a special
>>> case for when the metadata address is on the local host?
> 
> I have confirmed that the DNAT rule works *unless* metadata_host is
> 127.0.0.1, in which case you need a REDIRECT rule.
> 
> -- 
> Lars Kellogg-Stedman <lars@xxxxxxxxxxxxxxxx>       |
> Senior Technologist                                | http://ac.seas.harvard.edu/
> Academic Computing                                 | http://code.seas.harvard.edu/
> Harvard School of Engineering and Applied Sciences |
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

References

Problems accessing metadata service due to nova-network generated iptables rules
From: Lars Kellogg-Stedman, 2012-06-20
Re: Problems accessing metadata service due to nova-network generated iptables rules
From: Lars Kellogg-Stedman, 2012-06-20
Re: Problems accessing metadata service due to nova-network generated iptables rules
From: Lars Kellogg-Stedman, 2012-06-20
Re: Problems accessing metadata service due to nova-network generated iptables rules
From: Lars Kellogg-Stedman, 2012-06-20