Menu

Subscribe

How to use meta-data service for VM with provider network

on meta-data, neutron, provider network

When VM is using provider network, the traffic to network outside cloud passes through physical Router via L2 network, which means in VM, the default route is pointed to physical Router.

However, to make meta-data service working, the route of meta-data service IP 169.254.169.254 should be routed to virtual Router created by neutron L3 agent.

Please check the traffic flow as below:

Meta-data service working with provider network

Step-by-step guide

  • Create network with specific provide network defined. (Admin right needed)
neutron net-create test-net --tenant-id <tenant id of your tenant> \  
          --provider:network_type vlan \
          --provider:physical_network physnet2 \
          --provider:segmentation_id 100

#physnet2 is the bridge mapping name of eth2 setting in 
#OVS plugin configuration /etc/neutron/plugin.ini
#bridge_mappings=physnet2:br-eth2
  • Create subnet, specify 2 static routes for meta-data service IP and default gw
neutron subnet-create --name test-subnet --gateway 10.0.0.1  \  
--host-route destination=169.254.169.254/32,nexthop=10.0.0.1 \
--host-route destination=0.0.0.0/0,nexthop=10.0.0.254 test-net 10.0.0.0/24
  • Check neutron dhcp-agent options config file of the created network, we can see those route entries
[root@hp36-controller ~(demo)]# cat /var/lib/neutron/dhcp/<network id>/opts
tag:tag0,option:classless-static-route,169.254.169.254/32,10.0.0.1  
tag:tag0,249,169.254.169.254/32,10.0.0.1  
tag:tag0,option:router,10.0.0.254
  • Create the router and link subnet to the router
neutron router-create test-router  
neutron router-interface-add test-router test-subnet
  • Launch a VM using the created network, after VM in up and running, log in to VM to check the routing table
[root@host-10-0-0-4 ~]# route -n
Kernel IP routing table  
Destination Gateway Genmask Flags Metric Ref Use Iface  
0.0.0.0 10.0.0.254 0.0.0.0 UG 0 0 0 eth0  
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0  
169.254.169.254 10.0.0.1 255.255.255.255 UGH 0 0 0 eth0
  • Test meta-data service
[root@host-10-0-0-4 ~]# curl http://169.254.169.254/openstack/latest/
meta_data.json  
user_data  
password  
vendor_data.json
  • Test default route connectivity by pinging an external IP
[root@host-10-0-0-4 ~]# ping 6.6.6.6
PING 6.6.6.6 (6.6.6.6) 56(84) bytes of data.  
64 bytes from 6.6.6.6: icmp_seq=1 ttl=64 time=0.282 ms  
64 bytes from 6.6.6.6: icmp_seq=2 ttl=64 time=0.173 ms  
64 bytes from 6.6.6.6: icmp_seq=3 ttl=64 time=0.163 ms  
......