openstack team mailing list archive

[Sylvain Bauza <sylvain.bauza@xxxxxxxxxxxx>]

Metadata API allows to fetch SSH credentials when booting (pubkey I mean).
If a VM is unable to reach metadata service, then it won't be able to 
get its public key, so you won't be able to connect, unless you 
specifically go thru a Password authentication (provided password auth 
is enabled in /etc/ssh/sshd_config, which is not the case with Ubuntu 
cloud archive).
There is also a side effect, the boot process is longer as the instance 
is waiting for the curl timeout (60sec.) to finish booting up.

Re: Quantum, the metadata API is actually DNAT'd from Network node to 
the Nova-api node (here 172.16.0.1 as internal management IP) :
Chain quantum-l3-agent-PREROUTING (1 references)
target     prot opt source               destination
DNAT       tcp  --  0.0.0.0/0            169.254.169.254      tcp dpt:80 
to:172.16.0.1:8775


Anyway, the first step is to :
1. grab the console.log
2. access thru VNC to the desired instance

Troubleshooting will be easier once that done.

-Sylvain



Le 15/02/2013 14:24, Chathura M. Sarathchandra Magurawalage a écrit :
> Hello Guys,
>
> Not sure if this is the right port but these are the results:
>
> *Compute node:*
>
> root@computenode:~# netstat -an | grep 8775
> tcp        0      0 0.0.0.0:8775 <http://0.0.0.0:8775>  0.0.0.0:*     
>           LISTEN
>
> *Controller: *
>
> root@controller:~# netstat -an | grep 8775
> tcp        0      0 0.0.0.0:8775 <http://0.0.0.0:8775>  0.0.0.0:*     
>           LISTEN
>
> *Additionally I cant curl 169.254.169.254 from the compute node. I am 
> not sure if this is related to not being able to PING the VM.*
>
> curl -v http://169.254.169.254
> * About to connect() to 169.254.169.254 port 80 (#0)
> *   Trying 169.254.169.254...
>
> Thanks for your help
>
>
> -----------------------------------------------------------------------------------------------------------------------------
> Chathura Madhusanka Sarathchandra Magurawalage.
> 1NW.2.1, Desk 2
> School of Computer Science and Electronic Engineering
> University Of Essex
> United Kingdom.
>
> Email: csarata@xxxxxxxxxxx <mailto:csarata@xxxxxxxxxxx>
>           chathura.sarathchandra@xxxxxxxxx <mailto:77.chathura@xxxxxxxxx>
> 77.chathura@xxxxxxxxx <mailto:77.chathura@xxxxxxxxx>
>
>
> On 15 February 2013 11:03, Anil Vishnoi <vishnoianil@xxxxxxxxx 
> <mailto:vishnoianil@xxxxxxxxx>> wrote:
>
>     If you are using ubuntu cloud image then the only way to log-in is
>     to do ssh with the public key. For that you have to create ssh key
>     pair and download the ssh key. You can create this ssh pair using
>     horizon/cli.
>
>
>     On Fri, Feb 15, 2013 at 4:27 PM, Sylvain Bauza
>     <sylvain.bauza@xxxxxxxxxxxx <mailto:sylvain.bauza@xxxxxxxxxxxx>>
>     wrote:
>
>
>         Le 15/02/2013 11:42, Chathura M. Sarathchandra Magurawalage a
>         écrit :
>
>
>             How can I log into the VM from VNC? What are the credentials?
>
>
>         You have multiple ways to get VNC access. The easiest one is
>         thru Horizon. Other can be looking at the KVM command-line for
>         the desired instance (on the compute node) and check the vnc
>         port in use (assuming KVM as hypervisor).
>         This is basic knowledge of Nova.
>
>
>
>             nova-api-metadata is running fine in the compute node.
>
>
>         Make sure the metadata port is avaible thanks to telnet or
>         netstat, nova-api can be running without listening on metadata
>         port.
>
>
>
>
>         _______________________________________________
>         Mailing list: https://launchpad.net/~openstack
>         <https://launchpad.net/%7Eopenstack>
>         Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>         <mailto:openstack@xxxxxxxxxxxxxxxxxxx>
>         Unsubscribe : https://launchpad.net/~openstack
>         <https://launchpad.net/%7Eopenstack>
>         More help   : https://help.launchpad.net/ListHelp
>
>
>
>
>     -- 
>     Thanks & Regards
>     --Anil Kumar Vishnoi