Canonical Juju

juju gui command does not fall back to I P address when dns-name setup times out

Bug #1753999 reported by Richard Harding on 2018-03-07

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Canonical Juju	Triaged	Low	Unassigned

Bug Description

When using autocert-dns-name to setup a let's encrypt cert for the controller the juju gui command can time out while the challenge/etc is occuring.

$ juju gui
ERROR Juju GUI is not available: GET https://dbaas.jujugui.org/gui/b60d74ca-fbe1-4c4f-8ff2-2066d1623e7a/: Get https://dbaas.jujugui.org/gui/b60d74ca-fbe1-4c4f-8ff2-2066d1623e7a/: net/http: TLS handshake timeout

It would be preferred if this times out that the command falls back to typical output with the controller ip:port and admin username/password output.

Tags:

Revision history for this message

John A Meinel (jameinel) wrote on 2018-03-08: Re: [Bug 1753999] [NEW] juju gui command does not fall back to I P address when dns-name setup times out

Are we able to figure out the IP address if we are trying to get a DNS
name? Did you try the IP address yourself and see that it worked?

From the sound of it, it would seem that it would fail either way.

On Wed, Mar 7, 2018 at 12:07 PM, Richard Harding <<email address hidden>
> wrote:

> Public bug reported:
>
> When using autocert-dns-name to setup a let's encrypt cert for the
> controller the juju gui command can time out while the challenge/etc is
> occuring.
>
> $ juju gui
> ERROR Juju GUI is not available: GET https://dbaas.jujugui.org/gui/
> b60d74ca-fbe1-4c4f-8ff2-2066d1623e7a/: Get https://dbaas.jujugui.org/gui/
> b60d74ca-fbe1-4c4f-8ff2-2066d1623e7a/: net/http: TLS handshake timeout
>
>
> It would be preferred if this times out that the command falls back to
> typical output with the controller ip:port and admin username/password
> output.
>
> ** Affects: juju
> Importance: Undecided
> Status: New
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1753999
>
> Title:
> juju gui command does not fall back to I P address when dns-name setup
> times out
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
>

Revision history for this message

Richard Harding (rharding) wrote on 2018-03-08:

So the IP address works fine. It's just the autocert-dns-name does some handshaking with let's encrypt and that took some 4minutes to complete. I attempted to get the GUI details during that time and instead of the timeout the info that would be there w/o let's encrypt would be helpful I believe.

Revision history for this message

John A Meinel (jameinel) wrote on 2018-03-08: Re: [Bug 1753999] Re: juju gui command does not fall back to I P address when dns-name setup times out

How does the IP address work when we don't have a valid cert for the
controller because we're still waiting for the let's-encrypt certificate.
Juju doesn't serve anything out without https. Is it just a self-signed
cert until LE gives us their signature on it?

On Thu, Mar 8, 2018 at 8:24 AM, Richard Harding <email address hidden>
wrote:

> So the IP address works fine. It's just the autocert-dns-name does some
> handshaking with let's encrypt and that took some 4minutes to complete.
> I attempted to get the GUI details during that time and instead of the
> timeout the info that would be there w/o let's encrypt would be helpful
> I believe.
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1753999
>
> Title:
> juju gui command does not fall back to I P address when dns-name setup
> times out
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
>

Revision history for this message

Richard Harding (rharding) wrote on 2018-03-08:

Yes, it's a self-signed cert at that point I used to move forward manually.

On Thu, Mar 8, 2018 at 10:20 AM John A Meinel <email address hidden>
wrote:

> How does the IP address work when we don't have a valid cert for the
> controller because we're still waiting for the let's-encrypt certificate.
> Juju doesn't serve anything out without https. Is it just a self-signed
> cert until LE gives us their signature on it?
>
> On Thu, Mar 8, 2018 at 8:24 AM, Richard Harding <
> <email address hidden>>
> wrote:
>
> > So the IP address works fine. It's just the autocert-dns-name does some
> > handshaking with let's encrypt and that took some 4minutes to complete.
> > I attempted to get the GUI details during that time and instead of the
> > timeout the info that would be there w/o let's encrypt would be helpful
> > I believe.
> >
> > --
> > You received this bug notification because you are subscribed to juju.
> > Matching subscriptions: juju bugs
> > https://bugs.launchpad.net/bugs/1753999
> >
> > Title:
> > juju gui command does not fall back to I P address when dns-name setup
> > times out
> >
> > To manage notifications about this bug go to:
> > https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
> >
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1753999
>
> Title:
> juju gui command does not fall back to I P address when dns-name setup
> times out
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
>

Revision history for this message

John A Meinel (jameinel) wrote on 2018-03-08:

Are we having an issue that 'juju gui' is trying to connect to 443 instead
of 17070? That shouldn't be the case because if you have dns-name set we
only serve the controller on 443.
There is no reason that a DNS name wouldn't connect, but an IP address
would *as long as* your DNS record actually points to the machine.

On Thu, Mar 8, 2018 at 10:30 AM, Richard Harding <<email address hidden>
> wrote:

> Yes, it's a self-signed cert at that point I used to move forward
> manually.
>
> On Thu, Mar 8, 2018 at 10:20 AM John A Meinel <email address hidden>
> wrote:
>
> > How does the IP address work when we don't have a valid cert for the
> > controller because we're still waiting for the let's-encrypt certificate.
> > Juju doesn't serve anything out without https. Is it just a self-signed
> > cert until LE gives us their signature on it?
> >
> > On Thu, Mar 8, 2018 at 8:24 AM, Richard Harding <
> > <email address hidden>>
> > wrote:
> >
> > > So the IP address works fine. It's just the autocert-dns-name does some
> > > handshaking with let's encrypt and that took some 4minutes to complete.
> > > I attempted to get the GUI details during that time and instead of the
> > > timeout the info that would be there w/o let's encrypt would be helpful
> > > I believe.
> > >
> > > --
> > > You received this bug notification because you are subscribed to juju.
> > > Matching subscriptions: juju bugs
> > > https://bugs.launchpad.net/bugs/1753999
> > >
> > > Title:
> > > juju gui command does not fall back to I P address when dns-name
> setup
> > > times out
> > >
> > > To manage notifications about this bug go to:
> > > https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
> > >
> >
> > --
> > You received this bug notification because you are subscribed to the bug
> > report.
> > https://bugs.launchpad.net/bugs/1753999
> >
> > Title:
> > juju gui command does not fall back to I P address when dns-name setup
> > times out
> >
> > To manage notifications about this bug go to:
> > https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
> >
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1753999
>
> Title:
> juju gui command does not fall back to I P address when dns-name setup
> times out
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
>

On Thu, Mar 8, 2018 at 10:30 AM, Richard Harding <rick.harding@canonical.com
> wrote:

> Yes, it's a self-signed cert at that point I used to move forward
> manually.
>
> On Thu, Mar 8, 2018 at 10:20 AM John A Meinel <john@arbash-meinel.com>
> wrote:
>
> > How does the IP address work when we don't have a valid cert for the
> > controller because we're still waiting for the let's-encrypt certificate.
> > Juju doesn't serve anything out without https. Is it just a self-signed
> > cert until LE gives us their signature on it?
> >
> > On Thu, Mar 8, 2018 at 8:24 AM, Richard Harding <
> > rick.harding@canonical.com>
> > wrote:
> >
> > > So the IP address works fine. It's just the autocert-dns-name does some
> > > handshaking with let's encrypt and that took some 4minutes to complete.
> > > I attempted to get the GUI details during that time and instead of the
> > > timeout the info that would be there w/o let's encrypt would be helpful
> > > I believe.
> > >
> > > --
> > > You received this bug notification because you are subscribed to juju.
> > > Matching subscriptions: juju bugs
> > > https://bugs.launchpad.net/bugs/1753999
> > >
> > > Title:
> > >   juju gui command does not fall back to I P address when dns-name
> setup
> > >   times out
> > >
> > > To manage notifications about this bug go to:
> > > https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
> > >
> >
> > --
> > You received this bug notification because you are subscribed to the bug
> > report.
> > https://bugs.launchpad.net/bugs/1753999
> >
> > Title:
> >   juju gui command does not fall back to I P address when dns-name setup
> >   times out
> >
> > To manage notifications about this bug go to:
> > https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
> >
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1753999
>
> Title:
>   juju gui command does not fall back to I P address when dns-name setup
>   times out
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1753999/+subscriptions
>

John A Meinel (jameinel) on 2018-03-14

Changed in juju:
status:	New → Triaged
importance:	Undecided → Medium

Revision history for this message

Canonical Juju QA Bot (juju-qa-bot) wrote on 2022-11-03:

This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.

Changed in juju:
importance:	Medium → Low
tags:	added: expirebugs-bot

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.