[rhos-list] VLANs and metadata
Lutz Christoph
lchristoph at arago.de
Tue Jul 16 08:26:43 UTC 2013
Hello!
Thanks for the link to your labs. I will have to take some time to read the other labs, but skimming through them, they look very useful.
But I have to tell you that except for a missing metadata_ip (which does not seem to make a difference in my case, probably because it defaults to 127.0.0.1) I have all settings you list.
So, alas, nothing has changed. The VM still does not get a reply from 169.254.169.254 because it does not exist, and nothing redirects there.
Since what actually fails is an ARP request for that address, I doubt a redirect rule alone will do the job. I would need a gateway route to avoid the ARP *and* a redirect. I will change the scenario to a routed network (with the L3 agent) to see if that works OK, then see what I can learn for the VLAN case with the external router.
I would be grateful for any further ideas.
Best regards / Mit freundlichen Gr??en
Lutz Christoph
--
Lutz Christoph
arago Institut f?r komplexes Datenmanagement AG
Eschersheimer Landstra?e 526 - 532
60433 Frankfurt am Main
eMail: lchristoph at arago.de - www: http://www.arago.de
Tel: 0172/6301004
Mobil: 0172/6301004
[http://www.arago.net/wp-content/uploads/2013/06/EmailSignatur1.png] <http://www.cloudops.de/>
--
Bankverbindung: Frankfurter Sparkasse, BLZ: 500 502 01, Kto.-Nr.: 79343
Vorstand: Hans-Christian Boos, Martin Friedrich
Vorsitzender des Aufsichtsrats: Dr. Bernhard Walther
Sitz: Kronberg im Taunus - HRB 5731 - Registergericht: K?nigstein i.Ts
Ust.Idnr. DE 178572359 - Steuernummer 2603 003 228 43435
________________________________
Von: Rhys Oxenham <roxenham at redhat.com>
Gesendet: Montag, 15. Juli 2013 21:21
An: Lutz Christoph
Cc: rhos-list at redhat.com
Betreff: Re: [rhos-list] VLANs and metadata
Hi Lutz,
I recently wrote a lab on this exact setup, metadata with Open vSwitch in VLAN tenant networks. If you skip to Lab 11 in this unfinished guide you should be able to set it up. By the way, the port doesn't have to be 8700, I just chose this port to keep it separate from similar ports used by Nova.
https://github.com/rdoxenham/openstack-training/blob/master/documentation/openstack-manual.md
Let us know if you have any questions.
Thanks
Rhys.
Sent from my mobile device
On 15 Jul 2013, at 19:15, Lutz Christoph <lchristoph at arago.de<mailto:lchristoph at arago.de>> wrote:
Hello!
I've set up a simple case (detailed in a previous mail) of a VLANed network. The router is in the switch. Of course it doesn't know anything about 169.254.169.254. But it gets the packets for that address:
19:48:18.399719 fa:16:3e:84:be:da > 00:00:5e:00:01:01, ethertype 802.1Q (0x8100), length 78: vlan 40, p 0, ethertype IPv4, 192.168.102.2.59526 > 169.254.169.254.http: Flags [S], seq 3099670947, win 14600, options [mss 1460,sackOK,TS val 121280 ecr 0,nop,wscale 6], length 0
If a router was involved, the iptables associated with that router would take care of this. But this is using a VLAN, so it only goes through OpenVSwitch, hitting (AFAIK) iptables between the two bridges.
So how does one redirect 169.254.169.254:80 to the metadata agent in this situation? I found some advice by googling that involves creating a 169.254.0.0/16 network, putting the metadata stuff there. But it didn't go beyond that, and while I may be able to do the network, I have no idea what to do on the Quantum, excuse me, Neutron side. I guess the metadata agent is not needed, only the Nova metadata proxy. Or maybe just redirect the request there in the global iptables?
Best regards / Mit freundlichen Gr??en
Lutz Christoph
--
Lutz Christoph
arago Institut f?r komplexes Datenmanagement AG
Eschersheimer Landstra?e 526 - 532
60433 Frankfurt am Main
eMail: lchristoph at arago.de<mailto:lchristoph at arago.de> - www: http://www.arago.de
Tel: 0172/6301004
Mobil: 0172/6301004
[http://www.arago.net/wp-content/uploads/2013/06/EmailSignatur1.png] <http://www.cloudops.de/>
--
Bankverbindung: Frankfurter Sparkasse, BLZ: 500 502 01, Kto.-Nr.: 79343
Vorstand: Hans-Christian Boos, Martin Friedrich
Vorsitzender des Aufsichtsrats: Dr. Bernhard Walther
Sitz: Kronberg im Taunus - HRB 5731 - Registergericht: K?nigstein i.Ts
Ust.Idnr. DE 178572359 - Steuernummer 2603 003 228 43435
_______________________________________________
rhos-list mailing list
rhos-list at redhat.com<mailto:rhos-list at redhat.com>
https://www.redhat.com/mailman/listinfo/rhos-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhos-list/attachments/20130716/7fba50cf/attachment.htm>
More information about the rhos-list
mailing list