Neutron Metadata Agent Configuration - nova_metadata_ip

Bug #1585699 reported by Ross Martyn on 2016-05-25
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Low
Cedric Brandily
puppet-neutron
Undecided
Unassigned

Bug Description

I am not sure if this constitutes the tag 'bug'. However it has lead us to some confusion and I feel it should be updated.

This option in neutron metadata configuration (and install docs) is misleading.

{{{
# IP address used by Nova metadata server. (string value)
#nova_metadata_ip = 127.0.0.1
}}}

It implies the need to present an IP address for the nova metadata api. Where as in actual fact this can be a hostname or IP address.

When using TLS encrypted sessions, this 'has' to be a hostname, else this ends in a SSL issue, as the hostname is embedded in the certificates.

I am seeing this issue with OpenStack Liberty, however it appears to be in the configuration reference for Mitaka too, so I guess this is accross the board.

If this needs to be listed in a different forum, please let me know!

Thanks

Carl Baldwin (carl-baldwin) wrote :

So, just to confirm, the option accepts a hostname just fine. It is just the comment on the option that is misleading and should be changed. Right?

tags: added: low-hanging-fruit
Changed in neutron:
importance: Undecided → Low
status: New → Confirmed
status: Confirmed → Incomplete
Ross Martyn (rossmartyn04) wrote :

As far as I am aware Carl, that is correct. (We are successfully using HTTPS (TLS) in conjunction with a hostname in this option.)

I believe the option name, and the associated comment should be changed.

Yosef Hoffman (yohoffman) wrote :

Would we not want to change the option name itself and just update the comment? If we change the option name, won't that cause backwards compatibility issues in the next release?

Steve Kipp (sk167v) wrote :

I'll update it and test it across liberty through dev

Changed in neutron:
assignee: nobody → Steve Kipp (sk167v)
status: Incomplete → In Progress
Steve Kipp (sk167v) wrote :

Based on some IRC conversations we'll likely have to support both the naming schemes. I'll be updating the variable name to nova_metadata_host. That name to me implies that it can be either.

Steve Kipp (sk167v) wrote :

Looks like a few tests are failing, I see where to make the update. In the mean time my solution is to add this to master, and then it can be cherry picked to previous releases.

Jakub Libosvar (libosvar) wrote :

I think this will affect installers, added as another affected project.

Brent Eagles (beagles) on 2016-08-24
affects: puppet-tripleo → puppet-neutron

Change abandoned by Armando Migliaccio (<email address hidden>) on branch: master
Review: https://review.openstack.org/349733
Reason: This review is > 4 weeks without comment, and failed Jenkins the last time it was checked. We are abandoning this for now. Feel free to reactivate the review by pressing the restore button and leaving a 'recheck' comment to get fresh test results.

Changed in neutron:
status: In Progress → Confirmed
assignee: Steve Kipp (sk167v) → nobody
tags: added: deprecation

Fix proposed to branch: master
Review: https://review.openstack.org/436813

Changed in neutron:
assignee: nobody → Cedric Brandily (cbrandily)
status: Confirmed → In Progress

Reviewed: https://review.openstack.org/436813
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=366dd7cc37c053e0fff897b16414c960243abcfc
Submitter: Jenkins
Branch: master

commit 366dd7cc37c053e0fff897b16414c960243abcfc
Author: Cedric Brandily <email address hidden>
Date: Wed Feb 22 09:02:52 2017 +0100

    Deprecate nova_metadata_ip in favor of nova_metadata_host option

    nova_metadata_ip option name is a bit confusing as it accepts an ip but
    also a dns name (which is required when https protocol is used).

    This change deprecates nova_metadata_ip option in favor of
    nova_metadata_host option and updates option help to highlight that we
    can use an ip or a dns name.

    DocImpact
    Closes-Bug: #1585699
    Change-Id: Ia6c2471c7b4f3e924941222133edbb90151757a5

Changed in neutron:
status: In Progress → Fix Released

This issue was fixed in the openstack/neutron 11.0.0.0b1 development milestone.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers