[03:17] <thumper> babbageclunk: hey there
[03:17] <thumper> babbageclunk: can I get you to look at a PR for me?
[03:18] <thumper> babbageclunk: https://github.com/juju/juju/pull/7821
[03:23] <babbageclunk> thumper: sure
[03:23] <thumper> babbageclunk: thanks
[03:24] <thumper> babbageclunk: I'm working on a followup to that one
[03:24] <thumper> that builds on it
[03:35] <wallyworld> axw: when you get time, would like a second opinion on the modelling for the firewall rules. i've tried to keep it all very simple at the core data model; layers on top can add complexity if needed https://github.com/juju/juju/pull/7823
[03:40] <axw> wallyworld: ok, will look in a bit. feeling like crap, been sneezing nonstop all morning... going to go lie down after
[03:40] <wallyworld> axw: that's no good, it can wait, go afk and rest
[03:41] <thumper> axw: seconded, go rest
[03:44] <babbageclunk> thumper: approved - minor comment about a confusing variable name.
[03:44] <thumper> babbageclunk: cool, thanks
[03:44] <babbageclunk> wallyworld: looking at yours now
[03:45] <wallyworld> yay, ty
[04:00] <babbageclunk> wallyworld: approved.
[04:00] <wallyworld> awesome, ty
[17:42] <bdx> giving 2.3 edge a test run
[17:42] <bdx> is there some kind of endpoint config for my model
[17:42] <bdx> lets say the model from which machines are offering
[17:42] <bdx> or applications are offering
[17:43] <bdx> take the use case of an application deployed to maas
[17:43] <bdx> on private networks
[17:43] <bdx> relating to an application in a public cloud
[17:44] <bdx> I seem to remember this being discussed somewhere
[17:44] <bdx> possibly
[17:44] <bdx> ha
[17:45] <bdx> anyone know about a model config that defines a public egress gateway or something?
[20:56] <wallyworld> thumper: veebers: balloons: would you guys be free now for release call?
[21:00] <wallyworld> bdx: with the latest edge, you can do what you want. you offer the endpoint in the public cloud for example. if your maas is behind a NAT firewall and traffic originates from a given NAT address, you can either set a model config "egress-subnets" or when you relate to the offered endpoint in the public cloud, use "juju relate --via <subnet>". in each case, subnet is a CIDR, eg <nat address>/32
[21:00] <veebers> wallyworld: I could be in 5, balloons is off today.
[21:01] <wallyworld> ok, that would be great
[21:02] <bdx> wallyworld: thats great! thx
[21:02] <wallyworld> bdx: the model config is global for all relations, the --via option is per relation
[21:03] <wallyworld> bdx: i have tested with mysql in aws, and i then deploy mediawiki to a lxd cloud on my laptop; similar to your set up with maas i think
[21:03] <bdx> I see, perfect .... yeah I think thats what was stopping my postgresql relations earlier
[21:03] <bdx> Ill give it a whirl, thanks
[21:03] <wallyworld> bdx: ah psotgres - there will need to be some charm updates, it may not work out of the box just yet
[21:04] <bdx> gotcha
[21:04] <wallyworld> it might work, but the postgres charm needs to update the hba.conf
[21:04] <wallyworld> and there's internal juu changes in progress to allow things to be modelled properly
[21:05] <wallyworld> i don't think the NAT scenario would work just yet
[21:05] <wallyworld> for postgres anyway
[21:05] <wallyworld> it will all work real soon
[21:11] <bdx> ok
[21:11] <bdx> not sure if this is a corner case or not
[21:12] <bdx> so like in my datacenter, we have a direct route to our aws us-west-2 vpc
[21:12] <bdx> and vice versa
[21:13] <bdx> the routing tables in aws point back to my private networks in the datacenter
[21:13] <bdx> my datacenter (MAAS) nodes, and my aws instances dont have to traverse the WAN to talk
[21:16] <bdx> because they talk via a virtual private gateway, and have fiber straight to our racks at the datacenter
[21:16] <bdx> so for my controllers/models
[21:17] <bdx> I would want the services to talk over the VPG and not the wan
[21:17] <bdx> for my on-prem <-> aws instance
[21:19] <bdx> we also dont get charged for data that travels in and out of our racks at the datacenter to us-west-2
[21:20] <bdx> I'm wondering if providing the '--via' for my internal nets will make juju do what I want it to do
[21:21] <bdx> (route via the VPG instead of externally)
[21:22] <bdx> because I've already got the routes
[21:22] <bdx> I guess this will turn into a matter of juju wanting to support the remote relation via the public endpoint eh?
[21:22] <bdx> hmmmm
[21:35] <thumper> wallyworld, veebers: oh, have you had the release call?
[21:35] <thumper> here I am sitting all alone
[21:40] <veebers> thumper: heh yeah we met as wallyworld needed to pop out. You want to meet?
[21:40] <thumper> veebers: is there anything interesting to discuss?
[21:40] <veebers> thumper: not really, just we have 2 things being worked on, they should hopefully be done this week for release, otherwise we push out a little longer
[21:41] <thumper> veebers: I do have a question for you though
[21:41] <thumper> veebers: http://ci.jujucharms.com/job/github-merge-juju/216/
[21:41] <thumper> veebers: how do I find out what failed from this link?
[21:41] <veebers> let em look now
[21:42] <thumper> hmm... [xenial] Error: retrieving gpg key timed out.
[21:42] <veebers> thumper: hit th e"open blue ocean" link on the side there, gives nice logging outpt
[21:43] <veebers> thumper: but yeah, looks like a hiccup there failed it :-\
[21:43] <thumper> what's blue ocean?
[21:43] <thumper> looks pretty though
[21:45] <veebers> thumper: blue ocean is a UI layer for jenkins designed for the pipeline builds (a way of declaring builds in code etc.)
[21:46] <veebers> thumper: we use it for our merge and check-merge jobs, we where going to use it for the ci-run replacement, but have pivoted away from that
[21:47]  * thumper nods
[23:24] <babbageclunk> thumper: ok - after that hump of cloud names the amazon migration fails because we use different machine tagging: juju-env-uuid vs juju-model-uuid.
[23:24] <babbageclunk> thumper: this doesn't happen on maas
[23:25] <babbageclunk> thumper: since we use the agent-name value from maas.
[23:25] <thumper> ok
[23:25] <babbageclunk> thumper: do you know how we do it in openstack?
[23:25] <babbageclunk> I'll have a dig.
[23:28] <babbageclunk> thumper: hmm, looks like it'll be a problem there too.
[23:28] <thumper> hazaah
[23:30] <babbageclunk> thumper: is canonistack on openstack?
[23:30] <thumper> yep
[23:31] <babbageclunk> ok - working on sorting that out now