yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #06492
[Bug 1236783] Re: Using external routers and dhcp metadata together is difficult
** Changed in: neutron
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1236783
Title:
Using external routers and dhcp metadata together is difficult
Status in OpenStack Neutron (virtual network service):
Fix Released
Bug description:
When isolated_metadata=true, the dhcp agent will only push out a
static route for the metadata address (169.254.169.254/32 via the dhcp
ip) when the subnet is isolated. This makes sense because if the
subnet is connected to a Neutron router, then the instances can get
the metadata from the Neutron router namespace via their default
route, and so there is no need for the static route.
Currently the dhcp agent determines that the subnet is isolated by
simply checking that the subnet gateway_ip is not set.
https://github.com/openstack/neutron/blob/177bfb030e60267fb009b181e752ec6c37d9010b/neutron/agent/linux/dhcp.py#L450
enable_metadata = (
self.conf.enable_isolated_metadata
and not subnet.gateway_ip
and subnet.ip_version == 4)
But this creates difficulty for users who don't want to use Neutron
routers, but want to use a provider network with an external router
and get the metadata via the proxy in the dhcp namespace instead. You
would like to set gateway_ip to the external router, but when you do
that, the agent will not push out the route.
To workaround, you can push out the default route as a host route, eg,
if the external router is at 10.0.0.254:
neutron subnet-create net1 10.0.0.0/24 --name sub1 \
--no-gateway \
--host-route destination=0.0.0.0/0,nexthop=10.0.0.254 \
--allocation-pool start=10.0.0.1,end=10.0.0.253
Or you can set the gateway_ip and manually add the metadata static
route to the subnet. But then you need to first determine what the
dhcp IP is, or will be, and I think it can land on any of the first 3
ips of the CIDR depending on where the gateway_ip is, and if the dhcp-
agent is restarted before the first instance for the network is
booted.
Anyway, these workarounds are tricky and are not very obvious. It
would be better if users could just do this:
neutron subnet-create net1 10.0.0.0/24 --name sub1 ---gateway_ip
10.0.0.254
This would be possible if the agent determined that the subnet was
isolated by checking for the absence of a Neutron router on it, rather
than just checking that it has no gateway_ip.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1236783/+subscriptions