Canonical Juju

juju should add nodes IPs to no-proxy list

Bug #1488139 reported by Ashley Lai on 2015-08-24

This bug affects 12 people

Affects		Status	Importance	Assigned to	Milestone
	Canonical Juju	Expired	High	Unassigned

Bug Description

When setting proxy in juju environment the nodes cannot communicate with each other. Juju should allow this communication by adding all the nodes' IPs to no-proxy list.

Tags:

Revision history for this message

Ashley Lai (alai) wrote on 2015-08-24:

Bug to add bootstrap node to no-proxy list:

https://bugs.launchpad.net/juju-core/+bug/1478660

Curtis Hovey (sinzui) on 2015-08-25

tags:	added: proxy
tags:	added: network
Changed in juju-core:
status:	New → Triaged
milestone:	none → 1.25.0

Curtis Hovey (sinzui) on 2015-08-25

Changed in juju-core:
importance:	Undecided → High

Curtis Hovey (sinzui) on 2015-08-27

Changed in juju-core:
milestone:	1.25-alpha1 → 1.25-beta1

Alexis Bruemmer (alexis-bruemmer) on 2015-09-16

Changed in juju-core:
milestone:	1.25-beta1 → 1.25-beta2

Revision history for this message

Tim Penhey (thumper) wrote on 2015-09-17:

Can anyone think of a reason why we shouldn't do this by default?

Ian Booth (wallyworld) on 2015-09-17

Changed in juju-core:
milestone:	1.25-beta2 → 1.26-alpha1

Curtis Hovey (sinzui) on 2015-11-03

Changed in juju-core:
milestone:	1.26-alpha1 → 1.26-alpha2

Revision history for this message

Marco Ceppi (marcoceppi) wrote on 2015-11-10:

No, making it default behavior where it appends the nodes IP addresses to the existing user defined no-proxy would be preferable.

Cheryl Jennings (cherylj) on 2015-11-18

Changed in juju-core:
milestone:	1.26-alpha2 → 1.26.0

Cheryl Jennings (cherylj) on 2015-11-19

Changed in juju-core:
importance:	High → Critical

David Britton (dpb) on 2015-11-19

tags:	added: kanban-cross-team
tags:	added: landscape

🤖 Landscape Builder (landscape-builder) on 2015-11-19

tags:

removed: kanban-cross-team

Cheryl Jennings (cherylj) on 2015-12-07

Changed in juju-core:
milestone:	1.26.0 → 2.0-beta5

Cheryl Jennings (cherylj) on 2015-12-09

Changed in juju-core:
importance:	Critical → High

Larry Michel (lmic) on 2016-01-26

tags:

added: oil

Cheryl Jennings (cherylj) on 2016-03-07

Changed in juju-core:
milestone:	2.0-beta5 → 2.0-beta4

Revision history for this message

Cheryl Jennings (cherylj) wrote on 2016-04-02:

In bug #1556207, we have automatically added state servers / controllers to the no-proxy list.

Changed in juju-core:
milestone:	2.0-beta4 → 2.1.0

Revision history for this message

David Britton (dpb) wrote on 2016-08-10:

If we want to claim http_proxy support for the autopilot or cloud deployments. This is one key step that needs to happen before getting there. the 'no_proxy' list needs to be managed and curated by Juju.

Canonical Juju QA Bot (juju-qa-bot) on 2016-08-22

affects:	juju-core → juju
Changed in juju:
milestone:	2.1.0 → none
milestone:	none → 2.1.0

Revision history for this message

Anastasia (anastasia-macmood) wrote on 2017-02-10:

Removing 2.1 milestone as we will not be addressing this issue in 2.1.

Changed in juju:
milestone:	2.1.0 → none

Revision history for this message

John A Meinel (jameinel) wrote on 2017-02-22:

Note that most applications require you to list *every* IP address that you don't want to proxy separately *or* create a Domain and only reference things via the Domain Name.
See bugs like https://bugs.launchpad.net/juju/+bug/1421650

If we *could* we'd set no_proxy with nice short-form CIDR notation around what spaces (subnets) we are deployed in, which would leave you with a reasonably short list.

We could try to do "no_proxy everything in the model" and hope you never have 1000s of machines. (Note that no_proxy becomes an O(N^2) problem as everytime you deploy a new machine, you now have to tell all the other machines that they shouldn't proxy traffic to that machine.)

We could try "no_proxy everything related to units on the machine" which ignores some realities, but would at least keep N smaller. (Still N^2 in the number of machines with units related to each-other.)

Its a similar problem that they ran into with Hadoop, where everything *had* to be a Hostname, which meant they were populating /etc/hosts with the 100 machines that were being spun up for the hadoop charm. The problem is still that a given application can have 100 machines.

One option would be to re-open the idea of Juju becoming a DNS server, and giving a common suffix to every machine in the model, and only configuring traffic between machines to use the DNS names.

That is a rather major overhaul of the communication model to handle no_proxy.

Revision history for this message

Canonical Juju QA Bot (juju-qa-bot) wrote on 2022-11-03:

This bug has not been updated in 5 years, so we're marking it Expired. If you believe this is incorrect, please update the status.

Changed in juju:
status:	Triaged → Expired
tags:	added: expirebugs-bot

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.