I'm also seeing a failure to establish the `vault:certificates` relation as a CMR:
```
unit-vault-29: 17:59:16 WARNING unit.vault/29.certificates-relation-created hvac.exceptions.InvalidPath: no handler for route 'charm-pki-local/cert/ca_chain', on get http://127.0.0.1:8220/v1/charm-pki-local/cert/ca_chain
unit-vault-29: 17:59:16 ERROR juju.worker.uniter.operation hook "certificates-relation-created" (via explicit, bespoke hook script) failed: exit status 1
unit-vault-29: 17:59:58 ERROR unit.vault/29.juju-log certificates:165: Unable to find implementation for relation: peers of vault-ha
unit-vault-29: 17:59:59 ERROR unit.vault/29.juju-log certificates:165: Hook error:
Traceback (most recent call last):
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/charms/reactive/__init__.py", line 74, in main
bus.dispatch(restricted=restricted_mode)
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/charms/reactive/bus.py", line 390, in dispatch
_invoke(other_handlers)
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/charms/reactive/bus.py", line 359, in _invoke
handler.invoke()
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/charms/reactive/bus.py", line 181, in invoke
self._action(*args)
File "/var/lib/juju/agents/unit-vault-29/charm/reactive/vault_handlers.py", line 1055, in publish_ca_info
chain = vault_pki.get_chain()
File "/var/lib/juju/agents/unit-vault-29/charm/lib/charm/vault_pki.py", line 86, in get_chain
response = client.secrets.pki.read_certificate('ca_chain',
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/hvac/api/secrets_engines/pki.py", line 76, in read_certificate
return self._adapter.get(
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/hvac/adapters.py", line 113, in get
return self.request("get", url, **kwargs)
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/hvac/adapters.py", line 364, in request
response = super(JSONAdapter, self).request(*args, **kwargs)
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/hvac/adapters.py", line 330, in request
utils.raise_for_error(
File "/var/lib/juju/agents/unit-vault-29/.venv/lib/python3.10/site-packages/hvac/utils.py", line 43, in raise_for_error
raise exceptions.InvalidPath(message, errors=errors, method=method, url=url)
hvac.exceptions.InvalidPath: no handler for route 'charm-pki-local/cert/ca_chain', on get http://127.0.0.1:8220/v1/charm-pki-local/cert/ca_chain
```
I'm also seeing a failure to establish the `vault: certificates` relation as a CMR: 29.certificates -relation- created hvac.exceptions .InvalidPath: no handler for route 'charm- pki-local/ cert/ca_ chain', on get http:// 127.0.0. 1:8220/ v1/charm- pki-local/ cert/ca_ chain uniter. operation hook "certificates- relation- created" (via explicit, bespoke hook script) failed: exit status 1 29.juju- log certificates:165: Unable to find implementation for relation: peers of vault-ha 29.juju- log certificates:165: Hook error: juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ charms/ reactive/ __init_ _.py", line 74, in main dispatch( restricted= restricted_ mode) juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ charms/ reactive/ bus.py" , line 390, in dispatch other_handlers) juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ charms/ reactive/ bus.py" , line 359, in _invoke invoke( ) juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ charms/ reactive/ bus.py" , line 181, in invoke _action( *args) juju/agents/ unit-vault- 29/charm/ reactive/ vault_handlers. py", line 1055, in publish_ca_info get_chain( ) juju/agents/ unit-vault- 29/charm/ lib/charm/ vault_pki. py", line 86, in get_chain secrets. pki.read_ certificate( 'ca_chain' , juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ hvac/api/ secrets_ engines/ pki.py" , line 76, in read_certificate juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ hvac/adapters. py", line 113, in get juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ hvac/adapters. py", line 364, in request *args, **kwargs) juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ hvac/adapters. py", line 330, in request raise_for_ error( juju/agents/ unit-vault- 29/.venv/ lib/python3. 10/site- packages/ hvac/utils. py", line 43, in raise_for_error InvalidPath( message, errors=errors, method=method, url=url) .InvalidPath: no handler for route 'charm- pki-local/ cert/ca_ chain', on get http:// 127.0.0. 1:8220/ v1/charm- pki-local/ cert/ca_ chain
```
unit-vault-29: 17:59:16 WARNING unit.vault/
unit-vault-29: 17:59:16 ERROR juju.worker.
unit-vault-29: 17:59:58 ERROR unit.vault/
unit-vault-29: 17:59:59 ERROR unit.vault/
Traceback (most recent call last):
File "/var/lib/
bus.
File "/var/lib/
_invoke(
File "/var/lib/
handler.
File "/var/lib/
self.
File "/var/lib/
chain = vault_pki.
File "/var/lib/
response = client.
File "/var/lib/
return self._adapter.get(
File "/var/lib/
return self.request("get", url, **kwargs)
File "/var/lib/
response = super(JSONAdapter, self).request(
File "/var/lib/
utils.
File "/var/lib/
raise exceptions.
hvac.exceptions
```
I'm running the following:
``` cell0-ovn- central --channel 23.03/stable --num-units 3 cell0-ovn- central --channel latest/stable --num-units 1 cell0-ovn- central --config auto-generate- root-ca- cert=true --config totally- unsecure- auto-unlock= true --channel 1.8/stable --num-units 1
juju deploy ovn-central ovn-central --model lxd-cloud/
juju deploy postgresql postgresql --model lxd-cloud/
juju deploy vault vault --model lxd-cloud/
while ! juju status -m lxd-cloud/ cell0-ovn- central | grep vault/ | grep -q "Unit is ready" ; do
sleep 2
done
sleep 200
juju integrate ovn-central: certificates vault:certificates --model lxd-cloud/ cell0-ovn- central
while ! juju status -m lxd-cloud/ cell0-ovn- central | grep vault/ | grep -q "Unit is ready" ; do
sleep 2
done
sleep 200
juju integrate vault:db postgresql:db --model lxd-cloud/ cell0-ovn- central
sleep 600
juju integrate lxd-cloud/ cloud-rack0. cloud-rack0- ovn-dedicated- chassis vault --model lxd-cloud/ cell0-ovn- central
```