Canonical Juju

[Google] Using unreachable IP to bootstrap

Bug #1816785 reported by Mathieu Trudel-Lapierre on 2019-02-20

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Canonical Juju	Triaged	Low	Unassigned

Bug Description

$ juju bootstrap
[...]
Creating Juju controller "google-us-east1" on google/us-east1
Looking for packaged Juju agent version 2.5.1 for amd64
Launching controller instance(s) on google/us-east1...
- juju-987bab-0 (arch=amd64 mem=3.5G cores=4)
Installing Juju agent on bootstrap instance
Fetching Juju GUI 2.14.0
Waiting for address
Attempting to connect to 34.73.17.197:22
Attempting to connect to 10.142.0.2:22
[...]

I'm trying to bootstrap to Google Cloud. 10.142.0.2 is a private address that is quite unlikely to be reachable, and actually might be in use by something entirely different. This could lead to bad consequences.

I believe we have all the information needed to avoid attempting the private IPs for public clouds, since they are most likely going to be unusable anyway. There's no point in sending the extra packets there at all, and/or waiting for a connection to fail.

Tags:

Revision history for this message

Richard Harding (rharding) wrote on 2019-02-20:

Hmm, I don't think we can avoid it full stop as clouds support working through VPN and there's no promise of the public addresses. We'd have to figure out how to determine that as part of bootstrap so that we call when needed, but don't when not.

Changed in juju:
status:	New → Triaged
importance:	Undecided → Medium

Revision history for this message

John A Meinel (jameinel) wrote on 2019-02-26: Re: [Bug 1816785] Re: [Google] Using unreachable IP to bootstrap

We also do verification checks about the unit (nonce files on disk, etc),
so even if we do get connected to an IP that isn't the actual machine, we
don't actually treat it as the target. I do think we could potentially bias
it a bit for public clouds where it is more likely that the public IP is
what you want. Certainly on Private clouds there is much less guarantee as
to what address is actually best.

On Wed, Feb 20, 2019 at 5:11 PM Richard Harding <email address hidden>
wrote:

> Hmm, I don't think we can avoid it full stop as clouds support working
> through VPN and there's no promise of the public addresses. We'd have to
> figure out how to determine that as part of bootstrap so that we call
> when needed, but don't when not.
>
> ** Changed in: juju
> Status: New => Triaged
>
> ** Changed in: juju
> Importance: Undecided => Medium
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1816785
>
> Title:
> [Google] Using unreachable IP to bootstrap
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1816785/+subscriptions
>

Revision history for this message

Canonical Juju QA Bot (juju-qa-bot) wrote on 2022-11-03:

This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.

Changed in juju:
importance:	Medium → Low
tags:	added: expirebugs-bot

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.