On Mon, 7 Jul 2014, Sean Dague wrote: > > Right, but that assumes router control. > > > In general, anyone doing singlestack v6 at the moment relies on > > config-drive to make it work. This works fine but it depends what > > cloud-init support your application has. > > I think it's also important to realize that the metadata service isn't > OpenStack invented, it's an AWS API. Which means I don't think we really
Thats incorrect. The metadata service that lives at http://169.254.169.254/ and http://169.254.169.254/ec2 is a mostly-aws-compatible metadata service. The metadata service that lives at http://169.254.169.254/openstack is 100% "Openstack Invented". > have the liberty to go changing how it works, especially with something > like IPv6 support. > > I'm not sure I understand why requiring config-drive isn't ok. In our > upstream testing it's a ton more reliable than the metadata service due > to all the crazy networking things it's doing. Because config-drive is "initialization only". Block devices are not a 2 way communication mechanism. The obvious immediate need for something more than "init only" is hotplug of a network device. In amazon, this actuall works. * The device is hot-plug added * udev rules are available that then hit the metadata service to find out what the network configuration should be for that newly added nic. * the udev rules bring up the interface. To the end user, they made an api call that said "attach this network interface with this IP" and it just magically happened. In openstack at the moment, they have to add the nic, and then ssh in and configure the newly added nic (or some other mechanism). See bug 1153626 (http://pad.lv/1153626) for more info on how it works on Amazon. Amazon also has other neat things in the metadata service such time-limited per-instance credentials that can be used by the instance to do things that the user provides an IAM role for. More info on the AWS metadata service is at http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html We should do neat things like this in sane ways in the Openstack Metadata service. And that openstack metadata service should be available via ipv6. > > I'd honestly love to see us just deprecate the metadata server. If I had to deprecate one or the other, I'd deprecate config drive. I do realize that its simplicity is favorable, but not if it is insufficient. _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
