Bug 1471622 - haproxy (from l3) does not able to reach the neutron_metadata_agent
haproxy (from l3) does not able to reach the neutron_metadata_agent
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-tripleo-heat-templates (Show other bugs)
12.0 (Pike)
Unspecified Unspecified
high Severity high
: ga
: 12.0 (Pike)
Assigned To: Brent Eagles
Toni Freger
: AutomationBlocker, Triaged
Depends On: 1433535
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-17 02:00 EDT by Attila Fazekas
Modified: 2018-02-05 14:10 EST (History)
11 users (show)

See Also:
Fixed In Version: openstack-tripleo-heat-templates-7.0.0-0.20170805163048.el7ost
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-12-13 16:42:20 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Launchpad 1705289 None None None 2017-07-19 11:27 EDT
OpenStack gerrit 485258 None None None 2017-07-19 11:52 EDT

  None (edit)
Description Attila Fazekas 2017-07-17 02:00:17 EDT
Description of problem:

The vm tries to reach the metadata service on the 169.254.169.254, but it receives 500.

openstack-neutron-metadata-agent-docker has a service which provides services
on the /var/lib/neutron/metadata_proxy socket.

The service is consumed by the haproxy services launched in each router net namespaces.
These haproxy instances belongs to the neutron_l3_agent container.


$ docker exec neutron_metadata_agent stat /var/lib/neutron/metadata_proxy
  File: '/var/lib/neutron/metadata_proxy'
  Size: 0         	Blocks: 0          IO Block: 4096   socket
Device: fc02h/64514d	Inode: 29800114    Links: 1
Access: (0644/srw-r--r--)  Uid: (42435/ neutron)   Gid: (42435/ neutron)
Access: 2017-07-15 22:01:47.556547000 +0000
Modify: 2017-07-15 22:01:47.556547000 +0000
Change: 2017-07-15 22:01:47.556547000 +0000
 Birth: -


$ docker exec neutron_l3_agent stat /var/lib/neutron/metadata_proxy
stat: cannot stat '/var/lib/neutron/metadata_proxy': No such file or directory


Version-Release number of selected component (if applicable):
2017-07-13.2

How reproducible:
always


Steps to Reproduce:
1. Create network/subnet/router/floatingip/vm/sshkey
2. try to boot the vm
3. The vm receives 500 from the metadata haproxy (no ssh key)

Actual results:
 Failed to ssh, the nova conslelog indicates the vm was able to connect to the
 dhcp server , but it was not able to get the metadata.

Expected results:
 The vm receives metadata over the metadata-service (ssh key) and I am able to ssh the vm.


Additional Info:
neutron-ns-metadata-proxy was replaced by haproxy.
Comment 2 Attila Fazekas 2017-07-19 03:50:00 EDT
Forced config drive usage is a possible workaround.
Comment 3 Omri Hochman 2017-07-19 09:10:55 EDT
neutron service should be running on BM for the OSP12 cycle , we should see if the problem still occurs with that configuration.
Comment 8 Toni Freger 2017-11-23 00:34:52 EST
Moving to GA, will be tested during customized neutron Tech Preview RFE - https://bugzilla.redhat.com/show_bug.cgi?id=1433535
Agreed by UA
Comment 14 errata-xmlrpc 2017-12-13 16:42:20 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:3462

Note You need to log in before you can comment on or make changes to this bug.