[rhos-list] Metadata with Quantum.

Gary Kotton gkotton at redhat.com
Fri May 10 13:44:51 UTC 2013


On 05/10/2013 04:18 PM, Minton, Rich wrote:
>
> Guys and Gals,
>
> I'm looking for some direction with regards to implementing Metadata 
> with Quantum.
>
> I'm using Openstack Networking with a Flat provider network, which is 
> working great at the moment. I have a Controller/compute node running 
> the quantum server, a Network node running openvswitch and dhcp 
> agents, and three compute nodes running the openvswitch agent. I was 
> going to install the L3 agent on the controller node since I read 
> somewhere that for this implementation the L3 agent should not be run 
> with the DHCP agent on the same host. From there I need some help with 
> the configuration.
>

Yes, this is correct. At the moment RHEL does not support namespaces so 
in order to have network isolation it is recommended that the l3 agent 
and the dhcp agent do not run on the same host. If this is for a POC 
then you can certainly do this as there is no risk of a security hole.

Hopefully in the coming versions we will have a better solution for this.

Please note that in the RHOS 3 version you will be able to invoke the 
metadata service from the DHCP agent if you choose.

> I have these entries in my nova.conf file on the Controller host (L3 
> agent host)
>
> enabled_apis=ec2,osapi_compute,metadata
>
> metadata_host=172.17.0.68  # This is the external IP of my Controller host
>
> metadata_port=8775
>
> metadata_listen=172.17.0.68
>
> service_quantum_metadata_proxy = true
>
> Is this all I need in nova?
>

I think so.

> Do I need a port on br-ex that routes to my external network?
>

You only need the br-ex on the host that is running the l3-agent.

> Do I need to create a router in quantum?
>

Yes, you need to do this and you need to assign the router to the subnet 
with the private ip. This will ensure that the traffic is sent to the 
l3-agent which in turn will redirect it to the metadata service.

> My External network is 172.17.0.0/24
>
> My management network is 10.255.254.0/24   (this is used for the hosts 
> to talk to each other, i.e., qpid and mysql)
>
> My guest network is 10.0.56.0/21
>
> My l3-agent.conf file:
>
> [DEFAULT]
>
> #sql_connection = mysql://quantum:XXXXXXXX@10.255.254.38/ovs_quantum
>
> # Show more verbose log output (sets INFO log level output).
>
> verbose = True
>
> # Show debugging output in log (sets DEBUG log level output).
>
> debug = True
>
> # L3 agent requires that an interface driver be set.  Choose the one
>
> # that best matches your plugin. There is no default.
>
> # interface_driver =
>
> #
>
> # OVS
>
> interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver
>
> # LinuxBridge
>
> # interface_driver = quantum.agent.linux.interface.BridgeInterfaceDriver
>
> # The Quantum user information for accessing the Quantum API.
>
> auth_strategy = keystone
>
> auth_url = http://10.255.254.38:35357/v2.0/
>
> auth_region = lmicc
>
> admin_tenant_name = services
>
> admin_user = quantum
>
> admin_password = XXXXXXXXXX
>
> # Use "sudo quantum-rootwrap /etc/quantum/rootwrap.conf" to use the real
>
> # root filter facility.
>
> # Change to "sudo" to skip the filtering and just run the command directly
>
> # root_helper = sudo quantum-rootwrap /etc/quantum/rootwrap.conf
>
> # Without network namespaces, each L3 agent can only configure one
>
> # router.  This is done by setting the specific router_id.
>
> # router_id =
>

Due to the fact that namespaces are not supported you need to create a 
router and then update this with the router id and restart the service 
(sorry it is a real pain). Hopefully in the near future we will have 
packstack support for Quantum that will do all of the above automatically.
>
> # Each L3 agent can be associated with at most one external network.  This
>
> # value should be set to the UUID of that external network.  If empty,
>
> # the agent will enforce that only a single external networks exists and
>
> # use that external network id.
>
> # gateway_external_network_id =
>
> # Indicates that this L3 agent should also handle routers that do not have
>
> # an external network gateway configured.  This option should be True only
>
> # for a single agent in a Quantum deployment, and may be False for all agents
>
> # if all routers must have an external network gateway.
>
> # handle_internal_only_routers = True
>
> # Name of bridge used for external network traffic. This should be set to
>
> # empty value for the linuxbridge plugin.
>
> # external_network_bridge = br-ex
>
> # IP address used by Nova metadata server.
>
> metadata_ip = 172.17.0.68
>
> # TCP Port used by Nova metadata server.
>
> metadata_port = 8775
>
> use_namespaces = False
>
> # The time in seconds between state poll requests.
>
> # polling_interval = 3
>
> Thank you for your help and patience.
>
> Rick
>
> _Richard Minton_
>
> LMICC Systems Administrator
>
> 4000 Geerdes Blvd, 13D31
>
> King of Prussia, PA 19406
>
> Phone: 610-354-5482
>
>
>
> _______________________________________________
> rhos-list mailing list
> rhos-list at redhat.com
> https://www.redhat.com/mailman/listinfo/rhos-list
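
A consistency check for the settings discussed in this thread, as an added example that is not part of the original messages or of Quantum itself: it flags an L3 agent running with `use_namespaces = False` and no `router_id`, and a mismatch between the agent's metadata target and what nova listens on. The function names, the trimmed sample files and the fallback defaults (`use_namespaces` true, `metadata_listen` 0.0.0.0, port 8775) are assumptions of the example.

```python
import configparser

# Constructed samples, trimmed from the settings quoted in the thread.
L3_AGENT = """[DEFAULT]
interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver
# router_id =
metadata_ip = 172.17.0.68
metadata_port = 8775
use_namespaces = False
"""
NOVA = """[DEFAULT]
enabled_apis=ec2,osapi_compute,metadata
metadata_host=172.17.0.68  # This is the external IP of my Controller host
metadata_port=8775
metadata_listen=172.17.0.68
service_quantum_metadata_proxy = true
"""

def load(text):
    # Tolerate trailing "# ..." comments, as in the nova.conf lines above.
    cp = configparser.ConfigParser(inline_comment_prefixes=("#",), interpolation=None)
    cp.read_string(text)
    return cp["DEFAULT"]

def check_metadata_setup(l3_text, nova_text):
    """Return findings for an L3 agent without namespaces plus nova metadata."""
    l3, nova = load(l3_text), load(nova_text)
    findings = []
    # Without namespaces an agent serves one router, selected by router_id.
    if not l3.getboolean("use_namespaces", fallback=True) and not l3.get("router_id", "").strip():
        findings.append("use_namespaces=False but router_id is not set")
    apis = [a.strip() for a in nova.get("enabled_apis", "").split(",")]
    if "metadata" not in apis:
        findings.append("metadata missing from nova enabled_apis")
    if not nova.getboolean("service_quantum_metadata_proxy", fallback=False):
        findings.append("service_quantum_metadata_proxy is not true")
    # The agent must forward to an address and port nova actually listens on.
    listen = nova.get("metadata_listen", "0.0.0.0")
    if listen not in ("0.0.0.0", l3.get("metadata_ip", "")):
        findings.append("l3 metadata_ip differs from nova metadata_listen")
    if l3.get("metadata_port", "8775") != nova.get("metadata_port", "8775"):
        findings.append("metadata_port differs between l3 agent and nova")
    return findings

if __name__ == "__main__":
    for finding in check_metadata_setup(L3_AGENT, NOVA) or ["no findings"]:
        print(finding)
```

Run against the files as posted, it reports only the missing `router_id`, which is the step the reply says must be done by hand before restarting the agent.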
