metadata字面上是元数据,是一个不容易理解的概念。在除了openstack的其他场合也经常会碰到。openstack里的metadata,是提供一个机制给用户,可以设定每一个instance 的参数。
具体可以参见openstack的相关api和以下的蓝图:
https://blueprints.launchpad.net/nova/+spec/openstack-api-metadata
比如你想给instance设置某个属性,比如主机名。metadata的一个重要应用,是设置每个instance的ssh公钥。公钥的设置有两种方式:
1、创建instance时注入文件镜像
2、启动instance后,通过metadata获取,然后用脚本写入
第二种方式更加灵活,可以给非root用户注入公钥。以下是获取ssh key的代码片段:
# Fetch public key using HTTP
ATTEMPTS=10
while [ ! -f /root/.ssh/authorized_keys ]; do
curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/aws-key 2>/dev/null
if [ \$? -eq 0 ]; then
cat /tmp/aws-key >> /root/.ssh/authorized_keys
chmod 0600 /root/.ssh/authorized_keys
restorecon /root/.ssh/authorized_keys
rm -f /tmp/aws-key
echo "Successfully retrieved AWS public key from instance metadata"
else
FAILED=\$((\$FAILED + 1))
if [ \$FAILED -ge \$ATTEMPTS ]; then
echo "Failed to retrieve AWS public key after \$FAILED attempts, quitting"
break
fi
echo "Could not retrieve AWS public key (attempt #\$FAILED/\$ATTEMPTS), retrying in 5 seconds..."
sleep 5
fi
done
可以看到,获取metadata的api接口是:
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
可是,这个IP地址,在我们 openstack 是不存在的。为什么可以获取到metadata呢?
这是由于Amazon的原因,最早metadata是亚马逊提出来的,参见:
http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html
后来很多人给亚马逊定制了一些操作系统的镜像,比如 ubuntu, fedora, centos 等等,而且将里面获取 metadta 的api地址也写死了。所以opentack为了兼容,保留了这个地址 169.254.169.254。然后通过iptables nat映射到真实的api上:
iptables -A nova-network-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.4:8775
使用metadata会带来便利,但是经常碰到的一个问题是,metadata获取不成功,导致instance启动很慢,并且获取失败会导致ssh key等功能设置失效,刚才获取ssh的代码片段中,就是尝试10次。需要注意的是:
1、在 network 上,正确设置相关参数,在 /etc/nova/nova.conf 里配置:
metadata_host=10.0.0.4
这里的 10.0.0.4 是api所在的内网地址
2、network上,要能够连接这个api地址 10.0.0.4
3、由于 api 判断instance是通过fix ip 来判断的,所以instance的fix ip地址段,一定要能够正确连接 api 所在 ip, 并且没有经过 nat 地址转换。否则不能正确获取instance 的metadata
openstack 的 metadata获取,我修正了一个bug:
https://review.openstack.org/#/c/5961/
https://code.launchpad.net/bugs/968453
但是,在某些场合,管理地址分开的情况下,还有bug, 需要继续改进:
https://bugs.launchpad.net/nova/+bug/982356
Pingback引用通告: 理解 OpenStack 高可用(HA)(2):Neutron L3 Agent HA 之 虚拟路由冗余协议(VRRP)-操作系统相关
Pingback引用通告: view website
Pingback引用通告: smettere di fumare
Pingback引用通告: for more
Pingback引用通告: levitra 20mg
Pingback引用通告: coupon levitra
Pingback引用通告: generic levitra
Pingback引用通告: buy levitra
Pingback引用通告: generic viagra prices
Pingback引用通告: 200 cialis coupon
Pingback引用通告: cialis coupon
Pingback引用通告: tadalafil
Pingback引用通告: cialis 30 day sample
Pingback引用通告: tadalafil 5mg
Pingback引用通告: viagra oral jelly online mail-order pharmacies
Pingback引用通告: viagra soft tabs online mail-order pharmacies
Pingback引用通告: order viagra online
Pingback引用通告: viagra super active online mail-order pharmacies
Pingback引用通告: viagra 50 mg
Pingback引用通告: superdrug viagra
Pingback引用通告: female viagra
Pingback引用通告: cheap viagra generic
Pingback引用通告: sildenafil citrate
Pingback引用通告: online viagra
Pingback引用通告: pink female viagra online mail-order pharmacies
Pingback引用通告: 50mg viagra
Pingback引用通告: canadian viagra
Pingback引用通告: viagra generic availability
Pingback引用通告: red viagra online mail-order pharmacies
Pingback引用通告: viagra 100mg
Pingback引用通告: cheap 50 mg viagra
Pingback引用通告: cheap viagra 100 mg
Pingback引用通告: generic viagra online
Pingback引用通告: viagra for women
Pingback引用通告: viagra prices
Pingback引用通告: buy viagra online
Pingback引用通告: buy viagra generic
Pingback引用通告: viagra 100 mg
Pingback引用通告: viagra over the counter
Pingback引用通告: viagra coupons
Pingback引用通告: cheap viagra
Pingback引用通告: viagra tablets
Pingback引用通告: womens viagra
Pingback引用通告: buy 100 mg viagra
Pingback引用通告: cheap viagra 100mg
Pingback引用通告: viagra on line
Pingback引用通告: buy viagra
Pingback引用通告: cheap viagra 50mg
Pingback引用通告: cheap 100 mg viagra
Pingback引用通告: women viagra
Pingback引用通告: coupon sildenafil
Pingback引用通告: viagra cost
Pingback引用通告: buy 50 mg viagra
Pingback引用通告: viagra buy
Pingback引用通告: viagra
Pingback引用通告: sildenafil cost
Pingback引用通告: generic viagra online mail-order pharmacies
Pingback引用通告: 50 mg viagra
Pingback引用通告: viagra online
Pingback引用通告: over the counter viagra
Pingback引用通告: buy sildenafil online
Pingback引用通告: cheap generic viagra
Pingback引用通告: cheap viagra 50 mg
Pingback引用通告: viagra online paypal uk
Pingback引用通告: viagra 50mg
Pingback引用通告: generic viagra available
Pingback引用通告: gold viagra online mail-order pharmacies
Pingback引用通告: buy viagra 50 mg
Pingback引用通告: buy 20mg levitra
Pingback引用通告: buy generic levitra
Pingback引用通告: vardenafil online
Pingback引用通告: buy levitra 20 mg
Pingback引用通告: 10mg levitra
Pingback引用通告: cheap 10 mg levitra
Pingback引用通告: buy levitra 10mg
Pingback引用通告: cheap levitra online
Pingback引用通告: cheap levitra 10mg
Pingback引用通告: vardenafil prices
Pingback引用通告: levitra rezeptfrei deutschland
Pingback引用通告: cheap vardenafil online
Pingback引用通告: buy levitra generic
Pingback引用通告: levitra prices
Pingback引用通告: buy levitra 10 mg
Pingback引用通告: cheap 10mg levitra
Pingback引用通告: vardenafil buy
Pingback引用通告: buy 10mg levitra
Pingback引用通告: levitra generic
Pingback引用通告: levitra coupon
Pingback引用通告: levitra 10mg
Pingback引用通告: levitra online
Pingback引用通告: 10 mg levitra
Pingback引用通告: buy vardenafil online
Pingback引用通告: buy 10 mg levitra
Pingback引用通告: levitra cost
Pingback引用通告: cheap levitra 20 mg
Pingback引用通告: cheap levitra 10 mg
Pingback引用通告: buy levitra online
Pingback引用通告: cheap levitra 20mg