Hi, I faced this issue recently. My conclusion is that quantum-network-service relation should be outdated from Rocky onward.
We can see from: https://github.com/openstack/charm-neutron-gateway/blob/7e68feed95eb9489184914cf218265d4a30558e2/hooks/neutron_hooks.py#L173
That, if we are running Rocky or later + a secret has been shared from nova-cc to neutron-gw, neutron-gw charm will disable and mask nova-api-metadata service.
However, on nova-cc side, that will always happen on quantum-network-service. We can check that a -joined relation runs: https://github.com/openstack/charm-nova-cloud-controller/blob/65ed6620c7594cac914d21c2203742f63dc43d17/hooks/nova_cc_hooks.py#L978
Which leads to always sharing a secret if running Rocky or later: https://github.com/openstack/charm-nova-cloud-controller/blob/86bb59ec3e85b354e65c2f6db0d864239600d5df/hooks/nova_cc_utils.py#L1914 https://github.com/openstack/charm-nova-cloud-controller/blob/86bb59ec3e85b354e65c2f6db0d864239600d5df/hooks/nova_cc_utils.py#L1851
It effectively means that nova-api-metadata will be installed, but then disconfigured and masked.
However, the nrpe-check remains, as well as the broken service: https://pastebin.canonical.com/p/txjFcNX7Vd/
My suggestion is to deprecate this relation and make it optional for neutron-gw & nova-cc.
Hi, I faced this issue recently. My conclusion is that quantum- network- service relation should be outdated from Rocky onward.
We can see from: /github. com/openstack/ charm-neutron- gateway/ blob/7e68feed95 eb9489184914cf2 18265d4a30558e2 /hooks/ neutron_ hooks.py# L173
https:/
That, if we are running Rocky or later + a secret has been shared from nova-cc to neutron-gw, neutron-gw charm will disable and mask nova-api-metadata service.
However, on nova-cc side, that will always happen on quantum- network- service. We can check that a -joined relation runs: /github. com/openstack/ charm-nova- cloud-controlle r/blob/ 65ed6620c7594ca c914d21c2203742 f63dc43d17/ hooks/nova_ cc_hooks. py#L978
https:/
Which leads to always sharing a secret if running Rocky or later: /github. com/openstack/ charm-nova- cloud-controlle r/blob/ 86bb59ec3e85b35 4e65c2f6db0d864 239600d5df/ hooks/nova_ cc_utils. py#L1914 /github. com/openstack/ charm-nova- cloud-controlle r/blob/ 86bb59ec3e85b35 4e65c2f6db0d864 239600d5df/ hooks/nova_ cc_utils. py#L1851
https:/
https:/
It effectively means that nova-api-metadata will be installed, but then disconfigured and masked.
However, the nrpe-check remains, as well as the broken service: https:/ /pastebin. canonical. com/p/txjFcNX7V d/
My suggestion is to deprecate this relation and make it optional for neutron-gw & nova-cc.