juju does not error or warn when firewalls don't allow cloud internal network communication
Bug #1816108 reported by
Richard Harding
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Triaged
|
Low
|
Unassigned |
Bug Description
We had a user attempting to use Juju and failing to get their deployment to come up because the firewall rule for internal access was removed. This meant that units could not speak to each other on the cloud local addesses without open-port/expose of the application.
Since we don't allow those options at a per subnet level it means you have to open things to the world. We have other bugs around open-port to allow specifying what space it operates on and such.
I think that Juju should at least WARN and possibly ERROR during bootstrap if the VPC in use is known to have such a firewall config (or lack of config).
To post a comment you must log in.
This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.