Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1633782

Summary: The EC2 Metadata IP 169.254.169.254 is problematic with routed spine/leaf
Product: Red Hat OpenStack Reporter: Dan Sneddon <dsneddon>
Component: openstack-tripleo-heat-templatesAssignee: Emilien Macchi <emacchi>
Status: CLOSED CURRENTRELEASE QA Contact: Sasha Smolyak <ssmolyak>
Severity: high Docs Contact:
Priority: high    
Version: 15.0 (Stein)CC: bfournie, dbecker, jslagle, mburns, morazi
Target Milestone: ---Keywords: Triaged, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-11 17:36:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dan Sneddon 2018-09-27 18:28:59 UTC 
Description of problem:
OSP-Director requires that overcloud nodes obtain their password to enroll in the CA via the EC2 metadata IP (169.254.169.254). Unfortunately, this IP is not routable, so this doesn't work well for routed spine/leaf.

Version-Release number of selected component (if applicable):
Stein and all previous versions

How reproducible:
100%

Steps to Reproduce:
1. Deploy nodes using routed spine/leaf with TLS everywhere.
2.
3.

Actual results:
Nodes that are not on the same control plane subnet as the undercloud cannot reach the metadata server unless there exist routes on the routers that point 169.254.169.254 to the undercloud IP. 

Expected results:
We should not rely on link-local addresses for routed installations.

Additional info:
The issue is that the 169.254.169.254 destination address is not known to the routers unless a special route is added for this address. This is not always permissible depending on network policy at specific sites. This is also an extra step that can be forgotten on some segments.
Comment 3 Bob Fournier 2018-11-30 16:30:41 UTC 
We ultimately want to remove the Metadata IP settings from the undercloud.
Comment 5 Bob Fournier 2019-11-11 17:36:56 UTC 
Closing this as fixed per comment 2.
Comment 6 Dan Sneddon 2019-11-11 17:53:38 UTC 
Fixed under https://bugzilla.redhat.com/show_bug.cgi?id=1635370