EC2 VPC firewall rules
Tom Barber
tom at analytical-labs.com
Thu Feb 18 11:28:06 UTC 2016
Okay back to the EC2-VPC question.
I have updated trunk and I have bootstrapped a new environment.
juju service tells me that my mysql charm is running 2.0-beta1.1 and is
exposed.
On the bootstrap node I see:
https://gist.github.com/buggtb/6b10fa695ea150ea3489
The actual box itself tells me 22 and 17070 are open for business. Again
though, if I add a firewall rule manually I can log straight in.
Tom
--------------
Director Meteorite.bi - Saiku Analytics Founder
Tel: +44(0)5603641316
(Thanks to the Saiku community we reached our Kickstart
<http://kickstarter.com/projects/2117053714/saiku-reporting-interactive-report-designer/>
goal, but you can always help by sponsoring the project
<http://www.meteorite.bi/products/saiku/sponsorship>)
On 18 February 2016 at 10:42, Dimiter Naydenov <
dimiter.naydenov at canonical.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 18.02.2016 12:01, Tom Barber wrote:
> > Hello folks
> >
> > I'm not sure if my tinkering has broken something, the fact I'm
> > running trunk has broken something or I just don't understand
> > something.
> >
> > Until last week we've been running EC2 classic, but we have now
> > switched to EC2-VPC and have launched a few machines.
> >
> > juju ssh to these machines works fine and I've been configuring
> > them to suit our needs.
> >
> > Then I came to look at external access, `juju expose mysqldb` for
> > example, I would then expect to be able to access it from the
> > outside world, but can't unless go into my VPC settings and open
> > the port in one of the juju security groups, at which point
> > external access works fine.
> >
> > Am I missing something?
> >
> > Thanks
> >
> > Tom
> >
> >
> Hey Tom,
>
> What you're describing sounds like a bug, as "juju expose <service>"
> should trigger the firewaller worker to open the ports the service has
> declared (with open-ports within the charm) using the security group
> assigned to the host machine for all units of that service.
>
> Have you changed the "firewall-mode" setting by any chance?
> Can you provide some logs from /var/log/juju/*.log on the bootstrap
> instance (machine 0)?
>
> Cheers,
> - --
> Dimiter Naydenov <dimiter.naydenov at canonical.com>
> Juju Core Sapphire team <http://juju.ubuntu.com>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEcBAEBAgAGBQJWxaAXAAoJENzxV2TbLzHwGgEIAIuj0sPzh7S/4jvTQ6aA/dwP
> i7WkSZ586JkNbEFeCBjDavO6oZFOwIAEW+EpGuy1C0O8BJr5Y2YJBMR96pdf3Rj/
> Y6xS4Byt0HrwCWixt7ut6zu7BsT+nv6YFO7fNQvNYLyroufzpqUKaALJp5xwedkJ
> JIx1iyLnAZ4ZC1/0VkoBM/UjbZN7xQIteNvChBCZSSk8RvbqXCKhbXZKuUKMAw5g
> R+D3wIwLEyZHb5SATcSSdE6nidv4A0F2waac1/3lOvFebeOsnapnRKkIDp3Y9v19
> /zDiDLWSJJvMDau8iIzSQ4STK/sLEmA78iRNkfDRWRifv0z1KkY6ppnhaS+jrj4=
> =kPA7
> -----END PGP SIGNATURE-----
>
> --
> Juju mailing list
> Juju at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/juju
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20160218/37561381/attachment.html>
More information about the Juju
mailing list