Bug 1471622

Summary: haproxy (from l3) does not able to reach the neutron_metadata_agent
Product: Red Hat OpenStack Reporter: Attila Fazekas <afazekas>
Component: openstack-tripleo-heat-templatesAssignee: Brent Eagles <beagles>
Status: CLOSED ERRATA QA Contact: Toni Freger <tfreger>
Severity: high Docs Contact:
Priority: high    
Version: 12.0 (Pike)CC: afazekas, amuller, bperkins, ihrachys, jschluet, ltoscano, m.andre, mburns, rhallise, rhel-osp-director-maint, tvignaud
Target Milestone: gaKeywords: AutomationBlocker, Triaged
Target Release: 12.0 (Pike)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-tripleo-heat-templates-7.0.0-0.20170805163048.el7ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-12-13 21:42:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1433535    
Bug Blocks:    

Description Attila Fazekas 2017-07-17 06:00:17 UTC
Description of problem:

The vm tries to reach the metadata service on the 169.254.169.254, but it receives 500.

openstack-neutron-metadata-agent-docker has a service which provides services
on the /var/lib/neutron/metadata_proxy socket.

The service is consumed by the haproxy services launched in each router net namespaces.
These haproxy instances belongs to the neutron_l3_agent container.


$ docker exec neutron_metadata_agent stat /var/lib/neutron/metadata_proxy
  File: '/var/lib/neutron/metadata_proxy'
  Size: 0         	Blocks: 0          IO Block: 4096   socket
Device: fc02h/64514d	Inode: 29800114    Links: 1
Access: (0644/srw-r--r--)  Uid: (42435/ neutron)   Gid: (42435/ neutron)
Access: 2017-07-15 22:01:47.556547000 +0000
Modify: 2017-07-15 22:01:47.556547000 +0000
Change: 2017-07-15 22:01:47.556547000 +0000
 Birth: -


$ docker exec neutron_l3_agent stat /var/lib/neutron/metadata_proxy
stat: cannot stat '/var/lib/neutron/metadata_proxy': No such file or directory


Version-Release number of selected component (if applicable):
2017-07-13.2

How reproducible:
always


Steps to Reproduce:
1. Create network/subnet/router/floatingip/vm/sshkey
2. try to boot the vm
3. The vm receives 500 from the metadata haproxy (no ssh key)

Actual results:
 Failed to ssh, the nova conslelog indicates the vm was able to connect to the
 dhcp server , but it was not able to get the metadata.

Expected results:
 The vm receives metadata over the metadata-service (ssh key) and I am able to ssh the vm.


Additional Info:
neutron-ns-metadata-proxy was replaced by haproxy.

Comment 2 Attila Fazekas 2017-07-19 07:50:00 UTC
Forced config drive usage is a possible workaround.

Comment 3 Omri Hochman 2017-07-19 13:10:55 UTC
neutron service should be running on BM for the OSP12 cycle , we should see if the problem still occurs with that configuration.

Comment 8 Toni Freger 2017-11-23 05:34:52 UTC
Moving to GA, will be tested during customized neutron Tech Preview RFE - https://bugzilla.redhat.com/show_bug.cgi?id=1433535
Agreed by UA

Comment 14 errata-xmlrpc 2017-12-13 21:42:20 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:3462