openstack team mailing list archive

Thread
Date

Re: Problems accessing metadata service due to nova-network generated iptables rules

To: Lars Kellogg-Stedman <lars@xxxxxxxxxxxxxxxx>
From: Lorin Hochstein <lorin@xxxxxxxxxxxxxxxxxx>
Date: Sun, 24 Jun 2012 19:16:19 -0400
Cc: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <20120620214401.GF2964@seas.harvard.edu>

On Jun 20, 2012, at 5:44 PM, Lars Kellogg-Stedman wrote:

>>> Is the DNAT rule expected to work?  Does linux_net.py need a special
>>> case for when the metadata address is on the local host?
> 
> I have confirmed that the DNAT rule works *unless* metadata_host is
> 127.0.0.1, in which case you need a REDIRECT rule.
> 

Did you ever find out what was causing the issue with your configuration? We run using multi-host  (nova-api metadata service and nova-compute on every node) in VLAN mode, and our instances have no problem reaching the metadata service.

Take care,

Lorin
--
Lorin Hochstein
Lead Architect - Cloud Services
Nimbis Services, Inc.
www.nimbisservices.com

Attachment: smime.p7s
Description: S/MIME cryptographic signature

References

Problems accessing metadata service due to nova-network generated iptables rules
From: Lars Kellogg-Stedman, 2012-06-20
Re: Problems accessing metadata service due to nova-network generated iptables rules
From: Lars Kellogg-Stedman, 2012-06-20
Re: Problems accessing metadata service due to nova-network generated iptables rules
From: Lars Kellogg-Stedman, 2012-06-20
Re: Problems accessing metadata service due to nova-network generated iptables rules
From: Lars Kellogg-Stedman, 2012-06-20