How to debug why "juju deploy" does not end up in the correct subnet?

hoba · 16 April 2021 14:21

Hi,

I am struggeling quite a bit with juju deploy to my MaaS cloud. I have two networks for which

network infrastructure is the management network with PXE boot etc.
network computing is where I want to run the services I deploy with Juju - like hello-juju

No matter what I am trying, the public-address of the hello-juju app is always ending up in network infrastructure whereas I want it to be in computing. I’ve read felt like the whole documentation and tried things like:

juju deploy hello-juju --bind computing
deployed e.g. charmed-kubernetes with an overlay to endpoints like “”: computing
tested with Juju version 2.9, 2.8.1
using MaaS version 3.0 beta

Noteworthy to say, that when I login to a machine, then I have proper network access to both networks. Also in MaaS I have configured the two NICS with “auto-assign”.

But nothing worked so far. Is there any tooling available to debug this?

Regards

hoba · 17 April 2021 12:53

This is really driving me crazy…maybe as a help, here is the juju status output where one sees, that the public-address is not on the computing space:

model:
  name: hello
  type: iaas
  controller: maas-controller
  cloud: mycloud
  region: default
  version: 2.8.10
  model-status:
    current: available
    since: 17 Apr 2021 14:09:01+02:00
  sla: unsupported
machines:
  "0":
    juju-status:
      current: started
      since: 17 Apr 2021 14:18:51+02:00
      version: 2.8.10
    hostname: mynode
    dns-name: 10.1.1.42
    ip-addresses:
    - 10.1.1.42
    - 10.1.20.42
    instance-id: nqxxef
    display-name: mynode
    machine-status:
      current: running
      message: Deployed
      since: 17 Apr 2021 14:19:00+02:00
    modification-status:
      current: idle
      since: 17 Apr 2021 14:12:18+02:00
    series: bionic
    network-interfaces:
      ens18:
        ip-addresses:
        - 10.1.1.42
        mac-address: c2:b3:3b:97:75:9a
        gateway: 10.1.1.254
        space: infrastructure
        is-up: true
      ens19:
        ip-addresses:
        - 10.1.20.42
        mac-address: 62:72:fd:a3:b2:19
        space: computing
        is-up: true
    constraints: spaces=computing
    hardware: arch=amd64 cores=2 mem=4096M tags=virtual availability-zone=default
applications:
  hello-juju:
    charm: cs:hello-juju-6
    series: bionic
    os: ubuntu
    charm-origin: jujucharms
    charm-name: hello-juju
    charm-rev: 6
    charm-version: 62ef13f
    exposed: false
    application-status:
      current: active
      message: Serving HTTP from gunicorn
      since: 17 Apr 2021 14:48:30+02:00
    units:
      hello-juju/0:
        workload-status:
          current: active
          message: Serving HTTP from gunicorn
          since: 17 Apr 2021 14:48:30+02:00
        juju-status:
          current: idle
          since: 17 Apr 2021 14:21:51+02:00
          version: 2.8.10
        leader: true
        machine: "0"
        open-ports:
        - 80/tcp
        public-address: 10.1.1.42
    endpoint-bindings:
      "": computing
      db: computing
storage: {}
controller:
  timestamp: 14:50:49+02:00

hoba · 17 April 2021 14:43

Getting a step further. It seems the the endpoint of the app (in this example hello-juju) is exposed to the IP on the infrastructure and the IP on the computing network. This is what network-get shows:

root:~$ juju run --unit hello-juju/3 "network-get db"
bind-addresses:
- macaddress: 62:72:fd:a3:b2:19
  interfacename: ens19
  addresses:
  - hostname: ""
    address: 10.1.20.44
    cidr: 10.1.20.0/24
egress-subnets:
- 10.1.20.44/32
ingress-addresses:
- 10.1.20.44

I can curl on both subnets and the endpoint for the hello-juju app returns. Am I missing something here to only restrict it really to the space I want (space computing)? And why does juju summary and the web UI show then the wrong IP?

hoba · 18 April 2021 08:13

Seems the hello-juju charm does not support binding to specific interfaces. If I interprete the code below (from the charm), then it binds to all available interfaces 0.0.0.0:

[Unit]
Description=Hello Juju web application
After=network.target

[Service]
WorkingDirectory = {{ project_root }}
Restart = always
RestartSec = 5
ExecStart=/srv/hello-juju/venv/bin/gunicorn \
            -u {{ user }} \
            -g {{ group }} \
            --access-logfile {{ project_root }}/access.log \
            --error-logfile {{ project_root }}/error.log \
            --bind 0.0.0.0:{{ port }} \
            hello_juju:app
ExecReload = /bin/kill -s HUP $MAINPID
ExecStop = /bin/kill -s TERM $MAINPID
ExecStartPre = /bin/mkdir {{ project_root }}/run
PIDFile = {{ project_root }}/run/hello-juju.pid
ExecStopPost = /bin/rm -rf {{ project_root }}/run

[Install]
WantedBy = multi-user.target