gce open-port does not create firewall rules

Bug #1646907 reported by Curtis Hovey
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Canonical Juju
Expired
Medium
Unassigned

Bug Description

There was an accident in the Juju QA GCE account where many firewalls were indiscriminately deleted from the default network. ALL new juju deployments failed!

Juju bootstrap failed because the client could not ssh into the new machine. I cloud see firewall rules that permitted the api ports, but not 22. I created a universal firewall rule to permit 22. This permitted juju to bootstrap, and it believed all app were operational.

But tests the checked external availability of apps, such as wikimeda failed because its web ports were not opened. The charm does open ports and expose the app. I added a universal firewall rule for 80 and 443 to fix the test.

I expect juju to op 22 to all the machines it manages, and open-port to create firewall rules. I really do not know what rules were in place to have allows juju 1x and 2.x to create. I never created a firewall rules so I believe GCE had default rules in place that Juju takes for granted.

Changed in juju:
milestone: 2.1-beta4 → 2.2.0
Curtis Hovey (sinzui)
Changed in juju:
milestone: 2.2-beta1 → 2.2-beta2
Curtis Hovey (sinzui)
Changed in juju:
milestone: 2.2-beta2 → 2.2-beta3
Changed in juju:
milestone: 2.2-beta3 → 2.2-beta4
Changed in juju:
milestone: 2.2-beta4 → 2.2-rc1
Tim Penhey (thumper)
Changed in juju:
importance: High → Medium
milestone: 2.2-rc1 → none
Revision history for this message
Canonical Juju QA Bot (juju-qa-bot) wrote :

This bug has not been updated in 5 years, so we're marking it Expired. If you believe this is incorrect, please update the status.

Changed in juju:
status: Triaged → Expired
tags: added: expirebugs-bot
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.