← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1606741] Re: Metadata service for instances is unavailable when the l3-agent on the compute host is dvr_snat mode

 

** Changed in: cloud-archive/stein
       Status: New => Fix Released

** Description changed:

+ [Impact] 
+ Currently if you deploy Openstack with dvr and l3ha enabled (and > 1 compute host) only instances that are booted on the compute host that is running the VR master will have access to metadata. This patch ensures that both master and slave VRs have an associated haproxy ns-metadata proccess running local to the compute host.
+ 
+ [Test Case]
+ * deploy Openstack with dvr and l3ha enabled with 2 compute hosts
+ * create an ubuntu instance on each compute hosts
+ * check that both are able to access the metadata api (i.e. cloud-init completes successfully)
+ * verify that there is an ns-metadata haproxy process running on each compute host
+ 
+ [Regression Potential] 
+ None anticipated
+  
+ =============================================================================
+ 
  In my mitaka environment, there are five nodes here, including
  controller, network1, network2, computer1, computer2 node. I start
  l3-agents with dvr_snat mode in all network and compute nodes and set
  enable_metadata_proxy to true in l3-agent.ini. It works well for most
  neutron services unless the metadata proxy service. When I run command
  "curl http://169.254.169.254"; in an instance booting from cirros, it
  returns "curl: couldn't connect to host" and the instance can't fetch
  metadata in its first booting.
  
  * Pre-conditions: start l3-agent with dvr_snat mode in all computer and
  network nodes and set enable_metadata_proxy to true in l3-agent.ini.
  
  * Step-by-step reproduction steps:
      1.create a network and a subnet under this network;
      2.create a router;
      3.add the subnet to the router
      4.create an instance with cirros (or other images) on this subnet
      5.open the console for this instance and run command 'curl http://169.254.169.254' in bash, waiting for result.
  
  * Expected output: this command should return the true metadata info
  with the command  'curl http://169.254.169.254'
  
  * Actual output:  the command actually returns "curl: couldn't connect
  to host"
  
  * Version:
    ** Mitaka
    ** All hosts are centos7

** Tags added: sts-sru-needed

** Summary changed:

- Metadata service for instances is unavailable when the l3-agent on the compute host  is dvr_snat mode
+ [SRU] Metadata service for instances is unavailable when the l3-agent on the compute host  is dvr_snat mode

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1606741

Title:
  [SRU] Metadata service for instances is unavailable when the l3-agent
  on the compute host  is dvr_snat mode

Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive queens series:
  New
Status in Ubuntu Cloud Archive rocky series:
  New
Status in Ubuntu Cloud Archive stein series:
  Fix Released
Status in neutron:
  Fix Released
Status in neutron package in Ubuntu:
  Fix Released
Status in neutron source package in Bionic:
  New
Status in neutron source package in Cosmic:
  New
Status in neutron source package in Disco:
  New
Status in neutron source package in Eoan:
  Fix Released

Bug description:
  [Impact] 
  Currently if you deploy Openstack with dvr and l3ha enabled (and > 1 compute host) only instances that are booted on the compute host that is running the VR master will have access to metadata. This patch ensures that both master and slave VRs have an associated haproxy ns-metadata proccess running local to the compute host.

  [Test Case]
  * deploy Openstack with dvr and l3ha enabled with 2 compute hosts
  * create an ubuntu instance on each compute hosts
  * check that both are able to access the metadata api (i.e. cloud-init completes successfully)
  * verify that there is an ns-metadata haproxy process running on each compute host

  [Regression Potential] 
  None anticipated
   
  =============================================================================

  In my mitaka environment, there are five nodes here, including
  controller, network1, network2, computer1, computer2 node. I start
  l3-agents with dvr_snat mode in all network and compute nodes and set
  enable_metadata_proxy to true in l3-agent.ini. It works well for most
  neutron services unless the metadata proxy service. When I run command
  "curl http://169.254.169.254"; in an instance booting from cirros, it
  returns "curl: couldn't connect to host" and the instance can't fetch
  metadata in its first booting.

  * Pre-conditions: start l3-agent with dvr_snat mode in all computer
  and network nodes and set enable_metadata_proxy to true in
  l3-agent.ini.

  * Step-by-step reproduction steps:
      1.create a network and a subnet under this network;
      2.create a router;
      3.add the subnet to the router
      4.create an instance with cirros (or other images) on this subnet
      5.open the console for this instance and run command 'curl http://169.254.169.254' in bash, waiting for result.

  * Expected output: this command should return the true metadata info
  with the command  'curl http://169.254.169.254'

  * Actual output:  the command actually returns "curl: couldn't connect
  to host"

  * Version:
    ** Mitaka
    ** All hosts are centos7

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1606741/+subscriptions


References