juju-core

juju selects wrong address for API

Bug #1469193 reported by Felipe Reyes on 2015-06-26

This bug affects 4 people

Affects		Status	Importance	Assigned to	Milestone
	juju-core	Expired	High	Unassigned

Bug Description

[Environment]

Distributor ID: Ubuntu
Description: Ubuntu 14.10
Release: 14.10
Codename: utopic

juju-core:
  Installed: 1.24.0-0ubuntu1~14.10.1~juju1
  Candidate: 1.24.0-0ubuntu1~14.10.1~juju1
  Version table:
*** 1.24.0-0ubuntu1~14.10.1~juju1 0
        500 http://ppa.launchpad.net/juju/stable/ubuntu/ utopic/main amd64 Packages
        100 /var/lib/dpkg/status
     1.20.10-0ubuntu1 0
        500 http://cl.archive.ubuntu.com/ubuntu/ utopic/universe amd64 Packages

environments.yaml:

environments:
    local:
        type: local
        default-series: trusty
        lxc-clone: true
        container: kvm
        network-bridge: br0
        apt-http-proxy: http://192.168.0.103:3142

These are IPs my system has:
$ ip a | egrep -e '^ inet '
    inet 127.0.0.1/8 scope host lo
    inet 192.168.0.103/24 brd 192.168.0.255 scope global br0
    inet 10.0.3.1/24 brd 10.0.3.255 scope global lxcbr0
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
    inet 192.168.123.1/24 brd 192.168.123.255 scope global virbr1
    inet 192.168.10.1/24 brd 192.168.10.255 scope global virbr2
    inet 10.172.192.118/18 brd 10.172.255.255 scope global tun0

Steps to reproduce:

$ juju bootstrap
$ juju add-machine

The /var/lib/juju/agents/machine-1/agents.conf contains:
# format 1.18
tag: machine-1
datadir: /var/lib/juju
[...]
stateaddresses:
- 192.168.0.103:37017
[...]
apiaddresses:
- 10.172.192.118:17070
[...]
values:
  AGENT_SERVICE_NAME: jujud-machine-1
  CONTAINER_TYPE: kvm
  NAMESPACE: freyes-local
  PROVIDER_TYPE: local
  SECURE_STATESERVER_CONNECTION: "true"

So the launched VM cannot connect to the API, the VM's IP address is in the subnet 192.168.0.0/24 so it should be connecting to 192.168.0.103 just like the state address.

Tags:

Revision history for this message

Felipe Reyes (freyes) wrote on 2015-06-26:

machines.tgz Edit (4.8 KiB, application/x-tar)

Curtis Hovey (sinzui) on 2015-06-29

tags:	added: kvm local-provider lxc network
Changed in juju-core:
status:	New → Triaged
importance:	Undecided → High
milestone:	none → 1.25.0

Revision history for this message

Darryl Weaver (dweaver) wrote on 2015-07-10:

This problem also surfaces in a MAAS environment with multiple subnets on the bootstrap node.

Revision history for this message

Amir Sabbaghi (asaba90) wrote on 2015-07-16:

I have the same problem. LXC is installed on juju bootstrap node and other machines are trying to connect to 10.0.3.1:17070
"juju status" shows that all machines and agents are down and I am unable to upgrade my charms.
Is there any workaround for this bug?
I have purged LXC from juju bootstrap node and changed agent.conf from both bootstrap node and the unit with no luck. It seems that the IP has been kept in juju-db.

Curtis Hovey (sinzui) on 2015-08-27

Changed in juju-core:
milestone:	1.25-alpha1 → 1.25-beta1

Alexis Bruemmer (alexis-bruemmer) on 2015-09-16

Changed in juju-core:
milestone:	1.25-beta1 → 1.25-beta2

Cheryl Jennings (cherylj) on 2015-10-21

Changed in juju-core:
milestone:	1.25-beta2 → 1.25.1

Revision history for this message

Cheryl Jennings (cherylj) wrote on 2015-11-10:

This problem stems from juju selecting all IPs on the host as possible connection points for API connections.

A workaround for the local provicer, which may not be feasible for everyone, is to ensure that the subnet used by the bridge is the "lowest" IP on the host system, since juju will sort the available IPs and take the lowest one when connecting.

Changed in juju-core:
milestone:	1.25.1 → 1.26.0

Revision history for this message

Felipe Reyes (freyes) wrote on 2015-11-10:

In comment #2, Darryl indicates that MAAS provider also suffers from this, so it would be good if juju had an option to force an specific subnet/ip to be used for the API, so if you're in an environment where you can't change IPs and juju is not selecting the correct one, you are not left dead in the water.

Would this be possible?

Revision history for this message

Dimiter Naydenov (dimitern) wrote on 2015-11-11:

Can you provide the output of "ip routes show", "brctl show", and "brctl showmacs br0" ?

Also, can you see if specifying "bootstrap-ip: 192.168.0.103" in env.yaml for that "local" environment and retrying will solve your case? If it does not work, please retry again with --debug to bootstrap and "logging-config: '<root>=TRACE'" in envs.yaml, then attach the machine-0.log (scrubbed of secrets).

Dimiter Naydenov (dimitern) on 2015-11-20