[AWS] CMR does not set security groups rules
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Won't Fix
|
High
|
Unassigned |
Bug Description
Hi,
Using Juju 2.8.5.
When I do CMR between prometheus and telegraf, I cannot see telegraf data on prometheus.
That happens because the security group where telegraf sits was not opened for port 9103 (although the charm opens that port) to prometheus; which sits on a different VPC and model.
Exposing telegraf (i.e. opening telegraf wide) resolves this issue.
This does not seems to be an issue on main charms, only subordinates though.
I do have NATS CMR'ed to other applications (although sitting on same VPC at the end) and that works just fine.
So, for subordinate charms, this is a guaranteed issue. For main charms it is not yet clear for me if that also happens. Would be worthy to test CMR on different VPCs as well.
Changed in juju: | |
milestone: | 3.0.0 → 3.0.1 |
Changed in juju: | |
milestone: | 3.0.1 → 3.0.2 |
Changed in juju: | |
milestone: | 3.0.2 → 3.0.3 |
Per discussion in sync, this might be related to https:/ /bugs.launchpad .net/juju/ +bug/1848392.
Are any spaces in use in this model? And what is the ingress address that prometheus is advertising over the CMR (e.g., when running network-get in the relation context?)