I got errors on all the 3 barbican-vault units.
Looks like all those try to reach Vault on the public API network (172.16.255/24) instead of on the internal API network (192.168.10/24) as by the binding definition.
Vault application isn't exposed on the public API network but it's connected with the internal API network only.
juju run --unit barbican-vault/9 "network-get --primary-address secrets-storage"
172.16.255.66
juju run --unit barbican-vault/8 "network-get --primary-address secrets-storage"
172.16.255.70
juju run --unit barbican-vault/7 "network-get --primary-address secrets-storage"
172.16.255.64
I modified the bundle to add an additional barbican-vault binding for
the secrets-storage relation:
applications: barbican: count: 3 cluster_ count: 1 octavia: count: 3 multiplier: *worker-multiplier -origin: *openstack-origin internal- endpoints: true os-admin- hostname: *barbican- admin-hostname os-internal- hostname: *barbican- internal- hostname os-public- hostname: *barbican- public- hostname storage: *internal-space
hacluster-
charm: cs:hacluster
options:
cluster_
#
hacluster-
charm: cs:hacluster
options:
cluster_
barbican:
charm: cs:barbican
num_units: 3
bindings:
"": *oam-space
public: *public-space
admin: *admin-space
internal: *internal-space
shared-db: *internal-space
options:
worker-
openstack
region: *openstack-region
vip: *barbican-vip
use-
#
#
#
to:
- lxd:0
- lxd:2
- lxd:4
barbican-vault:
charm: cs:barbican-vault
bindings:
"": *oam-space
secrets-
I got errors on all the 3 barbican-vault units.
Looks like all those try to reach Vault on the public API network (172.16.255/24) instead of on the internal API network (192.168.10/24) as by the binding definition.
Vault application isn't exposed on the public API network but it's connected with the internal API network only.
juju run --unit barbican-vault/9 "network-get --primary-address secrets-storage"
172.16.255.66
juju run --unit barbican-vault/8 "network-get --primary-address secrets-storage"
172.16.255.70
juju run --unit barbican-vault/7 "network-get --primary-address secrets-storage"
172.16.255.64