== Enabling Metadata Service ==

# Update Neutron metadat_agent.ini to communicate with Keystone
$ openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_url http://192.168.122.163:35357/v2.0/
$ openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_region regionOne
$ openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT admin_tenant_name services
$ openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT admin_user neutron
$ openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT admin_password fedora

# Update Neutron metadat_agent.ini to let it know to connect to Nova
$ openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip 192.168.122.163
$ openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_port 8700
$ openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \
metadata_proxy_shared_secret fedora

# Update Neutron l3_agent.ini (L3 agent sets up the routing).
$ openstack-config --set /etc/neutron/l3_agent.ini DEFAULT metadata_ip 192.168.122.163
$ openstack-config --set /etc/neutron/l3_agent.ini DEFAULT metadata_port 8700

# Update nova.conf on Controller node to make sure it listens on this port for metadata:
$ openstack-config --set /etc/nova/nova.conf DEFAULT metadata_host 192.168.122.163
$ openstack-config --set /etc/nova/nova.conf DEFAULT metadata_listen 0.0.0.0
$ openstack-config --set /etc/nova/nova.conf DEFAULT metadata_listen_port 8700
$ openstack-config --set /etc/nova/nova.conf DEFAULT service_neutron_metadata_proxy True
$ openstack-config --set /etc/nova/nova.conf DEFAULT neutron_metadata_proxy_shared_secret fedora

# Start and Enable the services
$ systemctl enable neutron-metadata-agent
$ systemctl start neutron-metadata-agent

# Restart Nova services
$ systemctl restart openstack-nova-api
$ systemctl restart neutron-l3-agent

# Check on the Routing on Cloud controller's router namespace, it should show port 80 for 169.254.169.254 routes to the host at port 8700

  $ ip netns exec qrouter-d72adddf-4c02-4916-ae6d-16bfdaf59d99 \
    iptables -L -t nat | grep 169
  REDIRECT   tcp  --  anywhere             169.254.169.254      tcp dpt:http redir ports 8700
=====================================================