Neutron Metadata Agent broken on Keystone v3 in Kilo (and probably Liberty)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Invalid
|
Undecided
|
Ian Cordasco | ||
Kilo |
Fix Released
|
Medium
|
Ian Cordasco | ||
Liberty |
Fix Released
|
Medium
|
Ian Cordasco |
Bug Description
We have a customer that launches roughly 700 (usually more) instances at once for burst workloads on OpenStack Ansible Kilo. When they do, Neutron Metadata Agent starts returning 500 errors.
We spent many hours tracking the source of the 500 errors and we have found *one part* of the root cause. Here's what happens:
In Kilo Neutron Metadata Agent (henceforth known as NMA), attempts to talk to Neutron API over RPC (in OSA's case Rabbit MQ). If that fails, it then attempts to use Neutronclient to talk to it over HTTP.
In /etc/neutron/
The mitigation for this is to fix the auth_url in metadata-agent.ini to use /v2.0 instead of /v3.
I looked at Neutron and Neutronclient on stable/liberty and they both have the *same* problem and roughly the same code path.
Naturally, this doesn't solve whatever is causing Rabbit connection problems from NMA *but* this does fix the 500 errors because NMA can successfully fallback to HTTP using neutronclient.
Changed in openstack-ansible: | |
status: | Triaged → Invalid |
importance: | Medium → Undecided |
Fix proposed to branch: kilo /review. openstack. org/327955
Review: https:/