Can't close/open ports without external network

Bug #1789211 reported by Felipe Reyes on 2018-08-27
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
juju
High
John A Meinel
2.3
High
John A Meinel
2.4
High
John A Meinel

Bug Description

The following set of messages is polluting the machine-0.log making juju rotate it every ~3 hours:

2018-08-24 14:19:26 DEBUG juju.worker.dependency engine.go:504 "firewaller" manifold worker stopped: cannot respond to units changes for "machine-9": Can't close/open ports without external n
etwork
2018-08-24 14:19:26 ERROR juju.worker.dependency engine.go:551 "firewaller" manifold worker returned unexpected error: cannot respond to units changes for "machine-9": Can't close/open ports without external network
2018-08-24 14:19:26 DEBUG juju.worker.dependency engine.go:553 stack trace:
github.com/juju/juju/provider/vsphere/instance.go:89: Can't close/open ports without external network
github.com/juju/juju/worker/firewaller/firewaller.go:381: cannot respond to units changes for "machine-9"

This environment is effectively configured without an external network:

$ juju model-config -m nps-prod
Attribute From Value
agent-metadata-url default ""
agent-stream default released
agent-version model 2.3.7
apt-ftp-proxy default ""
apt-http-proxy default ""
apt-https-proxy default ""
apt-mirror default ""
apt-no-proxy default ""
automatically-retry-hooks default true
cloudinit-userdata default ""
container-image-metadata-url default ""
container-image-stream default released
container-inherit-properties default ""
container-networking-method model local
datastore model KubeDatastore01
default-series default xenial
development default false
disable-network-management default false
egress-subnets default ""
enable-os-refresh-update default true
enable-os-upgrade default true
external-network model ""
fan-config default ""
firewall-mode default instance
ftp-proxy default ""
http-proxy default ""
https-proxy default ""
ignore-machine-addresses default false
image-metadata-url default ""
image-stream default released
logforward-enabled default false
logging-config model <root>=DEBUG;unit=TRACE
max-action-results-age default 336h
max-action-results-size default 5G
max-status-history-age default 336h
max-status-history-size default 5G
net-bond-reconfigure-delay default 17
no-proxy default 127.0.0.1,localhost,::1
primary-network model kubeprod
provisioner-harvest-mode default destroyed
proxy-ssh default false
resource-tags model {}
ssl-hostname-verification default true
test-mode default false
transmit-vendor-metrics default true
update-status-hook-interval default 5m

Felipe Reyes (freyes) on 2018-08-27
tags: added: vsphere-provider
Tim Penhey (thumper) on 2018-08-28
Changed in juju:
status: New → Triaged
importance: Undecided → High
milestone: none → 2.3.9
John A Meinel (jameinel) on 2018-08-29
Changed in juju:
assignee: nobody → John A Meinel (jameinel)
milestone: 2.3.9 → 2.5-beta1
John A Meinel (jameinel) wrote :

Just to clarify, did someone try to "juju expose" an application without an external network being defined? Maybe it was part of the bundle definition that a given application was supposed to be exposed?

We'll probably change things internally so that we treat OpenPort without an external network as a no-op, but it does feel like something got misconfigured externally.

On Wed, Aug 29, 2018 at 12:56:39PM -0000, John A Meinel wrote:
> Just to clarify, did someone try to "juju expose" an application without
> an external network being defined? Maybe it was part of the bundle
> definition that a given application was supposed to be exposed?

They are running CDK https://jujucharms.com/canonical-kubernetes/ , from the readme:

"This bundle exposes the kubeapi-load-balancer and kubernetes-worker charms by
default, so they are accessible through their public addresses."

John A Meinel (jameinel) wrote :

https://github.com/juju/juju/pull/9140 is a potential patch against 2.3. It still needs manual testing against vmware.

John A Meinel (jameinel) on 2018-09-04
Changed in juju:
status: Triaged → In Progress
John A Meinel (jameinel) on 2018-11-13
Changed in juju:
status: In Progress → Fix Committed
Changed in juju:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers