Hey there!
Trying to figure out what’s going on with this:
ERROR cannot log into "juju-3x-manual-0.domainname.com": unable to connect to API: dial tcp 10.10.129.204:443: connect: connection refused
We bootstrapped a Juju 3.2/stable (snap) controller without issue, but when attempting to login to it from another machine, we get the above error.
The Controller is listening on the normal port (17070), and replicating this in an LXD environment the login dials the correct port, so I’m not sure what’s going on.
The two machines (Controller and login test) are both vSphere VMs on the same /16 network (but different /24’s) and can otherwise communicate fine (verified with telnet from the login test machine that it can open a connection to the Controller on port 17070).
The login test machine is also running the Juju 3.2/stable snap.
So per a conversation @jamesbeedy and I had with @alesstimec, we needed to set up HAProxy and using a valid PEM with the SubjectAlternativeName defined in the cert section.
Our solution wound up looking like:
Create an ext file: juju32_san.ext and fill it with:
This is with HAProxy running on the same VM as the Juju controller.
After this we were able to reach it, even though we have to trust the self-signed cert each time. Works for the test!