Bug 1471622 - haproxy (from l3) does not able to reach the neutron_metadata_agent
Summary: haproxy (from l3) does not able to reach the neutron_metadata_agent
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-tripleo-heat-templates
Version: 12.0 (Pike)
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ga
: 12.0 (Pike)
Assignee: Brent Eagles
QA Contact: Toni Freger
URL:
Whiteboard:
Depends On: 1433535
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-07-17 06:00 UTC by Attila Fazekas
Modified: 2018-02-05 19:10 UTC (History)
11 users (show)

Fixed In Version: openstack-tripleo-heat-templates-7.0.0-0.20170805163048.el7ost
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-12-13 21:42:20 UTC
Target Upstream Version:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Launchpad 1705289 0 None None None 2017-07-19 15:27:23 UTC
OpenStack gerrit 485258 0 'None' 'MERGED' 'Mount /var/lib/neutron in neutron agents for metadata proxy' 2019-11-21 03:00:31 UTC
Red Hat Product Errata RHEA-2017:3462 0 normal SHIPPED_LIVE Red Hat OpenStack Platform 12.0 Enhancement Advisory 2018-02-16 01:43:25 UTC

Description Attila Fazekas 2017-07-17 06:00:17 UTC 
Description of problem:

The vm tries to reach the metadata service on the 169.254.169.254, but it receives 500.

openstack-neutron-metadata-agent-docker has a service which provides services
on the /var/lib/neutron/metadata_proxy socket.

The service is consumed by the haproxy services launched in each router net namespaces.
These haproxy instances belongs to the neutron_l3_agent container.


$ docker exec neutron_metadata_agent stat /var/lib/neutron/metadata_proxy
  File: '/var/lib/neutron/metadata_proxy'
  Size: 0         	Blocks: 0          IO Block: 4096   socket
Device: fc02h/64514d	Inode: 29800114    Links: 1
Access: (0644/srw-r--r--)  Uid: (42435/ neutron)   Gid: (42435/ neutron)
Access: 2017-07-15 22:01:47.556547000 +0000
Modify: 2017-07-15 22:01:47.556547000 +0000
Change: 2017-07-15 22:01:47.556547000 +0000
 Birth: -


$ docker exec neutron_l3_agent stat /var/lib/neutron/metadata_proxy
stat: cannot stat '/var/lib/neutron/metadata_proxy': No such file or directory


Version-Release number of selected component (if applicable):
2017-07-13.2

How reproducible:
always


Steps to Reproduce:
1. Create network/subnet/router/floatingip/vm/sshkey
2. try to boot the vm
3. The vm receives 500 from the metadata haproxy (no ssh key)

Actual results:
 Failed to ssh, the nova conslelog indicates the vm was able to connect to the
 dhcp server , but it was not able to get the metadata.

Expected results:
 The vm receives metadata over the metadata-service (ssh key) and I am able to ssh the vm.


Additional Info:
neutron-ns-metadata-proxy was replaced by haproxy.
Comment 2 Attila Fazekas 2017-07-19 07:50:00 UTC 
Forced config drive usage is a possible workaround.
Comment 3 Omri Hochman 2017-07-19 13:10:55 UTC 
neutron service should be running on BM for the OSP12 cycle , we should see if the problem still occurs with that configuration.
Comment 8 Toni Freger 2017-11-23 05:34:52 UTC 
Moving to GA, will be tested during customized neutron Tech Preview RFE - https://bugzilla.redhat.com/show_bug.cgi?id=1433535
Agreed by UA
Comment 14 errata-xmlrpc 2017-12-13 21:42:20 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:3462
Note You need to log in before you can comment on or make changes to this bug.