← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1236783] Re: Using external routers and dhcp metadata together is difficult

 

** Changed in: neutron
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1236783

Title:
  Using external routers and dhcp metadata together is difficult

Status in OpenStack Neutron (virtual network service):
  Fix Released

Bug description:
  When isolated_metadata=true, the dhcp agent will only push out a
  static route for the metadata address (169.254.169.254/32 via the dhcp
  ip) when the subnet is isolated. This makes sense because if the
  subnet is connected to a Neutron router, then the instances can get
  the metadata from the Neutron router namespace via their default
  route, and so there is no need for the static route.

  Currently the dhcp agent determines that the subnet is isolated by
  simply checking that the subnet gateway_ip is not set.

  https://github.com/openstack/neutron/blob/177bfb030e60267fb009b181e752ec6c37d9010b/neutron/agent/linux/dhcp.py#L450

  enable_metadata = (
                  self.conf.enable_isolated_metadata
                  and not subnet.gateway_ip
                  and subnet.ip_version == 4)

  But this creates difficulty for users who don't want to use Neutron
  routers, but want to use a provider network with an external router
  and get the metadata via the proxy in the dhcp namespace instead. You
  would like to set gateway_ip to the external router, but when you do
  that, the agent will not push out the route.

  To workaround, you can push out the default route as a host route, eg,
  if the external router is at 10.0.0.254:

  neutron subnet-create net1 10.0.0.0/24 --name sub1 \
  --no-gateway \
  --host-route destination=0.0.0.0/0,nexthop=10.0.0.254 \
  --allocation-pool start=10.0.0.1,end=10.0.0.253

  Or you can set the gateway_ip and manually add the metadata static
  route to the subnet. But then you need to first determine what the
  dhcp IP is, or will be, and I think it can land on any of the first 3
  ips of the CIDR depending on where the gateway_ip is, and if the dhcp-
  agent is restarted before the first instance for the network is
  booted.

  Anyway, these workarounds are tricky and are not very obvious. It
  would be better if users could just do this:

  neutron subnet-create net1 10.0.0.0/24 --name sub1 ---gateway_ip
  10.0.0.254

  This would be possible if the agent determined that the subnet was
  isolated by checking for the absence of a Neutron router on it, rather
  than just checking that it has no gateway_ip.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1236783/+subscriptions