/srv/irclogs.ubuntu.com/2017/10/26/#juju.txt

=== frankban|afk is now known as frankban
magicaltroutrandom question of the day13:47
magicaltrouthas anyone seen juju ssh route them to the wrong box?13:47
wpknope, and there's host key check to make sure it doesn't happen13:51
magicaltroutsomething funky is happening because if i run juju ssh 013:52
magicaltrouti go to a remote node13:52
magicaltroutif i run juju ssh 1,2 or 313:52
magicaltroutI loop back to my controller node13:52
magicaltrouthrm13:53
wpkmagicaltrout: what does juju --debug ssh 0 says?13:53
wpks/0/1/ ofc13:54
magicaltrouter well13:56
magicaltroutusing 1 didn't fail that time but 2 did13:56
magicaltroutusing target "2" address "172.17.0.1"13:57
magicaltroutbut thats a local docker interface13:57
magicaltroutand juju status shows the #2 machine as being 10.10.1.8113:57
wpkjuju show-machine 2 ?13:57
magicaltroutip-addresses: 10.10.1.81, 10.1.100.0, 10.1.100.1.... 172.17.0.113:58
magicaltroutinstance-id: manual: 10.10.1.8113:58
wpkWith --debug enabled is it checking host keys? And finding a proper key?13:59
magicaltrouthttps://gist.github.com/buggtb/04efdbd34493984069026810a23227ff14:00
magicaltroutand that loops me right back to the machine i'm on14:00
magicaltroutand logs me in14:00
wpkand if you ssh into the machine manually?14:01
wpkcould you see how ip a looks like?14:01
magicaltroutwell its external ip is 10.10.1.8114:02
magicaltroutit also has a docker internal net on 172.17.0.114:02
magicaltroutits just a manual CDK deployment14:02
wpkand 172.17.0.1 appears also on the machine you're on?14:03
magicaltroutisn't 172.17.0.1 on ever machine docker is ever installed on?14:03
magicaltroutits on my latop for example14:03
wpkmagicaltrout: can you try newer juju? 2.2?14:06
wpkmagicaltrout: in 2.2 we're checking for host keys on all the possible interfaces, and only connecting to the ones that provide the proper key14:06
magicaltroutcan i snap change it somehow?14:07
wpkmagicaltrout: in 2.0 the machine is reporting 172.17.0.1 as its address, so we try to connect to it. And since it's localhost it's likely it's going to 'win the race'.14:07
magicaltroutbonus14:07
magicaltroutah yeah 2.2 does work wpk14:13
magicaltroutthanks14:13
magicaltroutthat had me utterly baffled14:13
wpkmagicaltrout: could you paste juju --debug ssh 2 somewhere? I wonder how it looks like14:13
magicaltroutnew or old?14:13
wpknew one14:14
magicaltrouthttps://gist.github.com/buggtb/5a9d1708dd0ee59ea11a806dbf1c6e8a14:14
wpkThanks14:25
magicaltroutwpk: i lied15:15
magicaltroutcheck this treat15:15
magicaltrouthttps://gist.github.com/buggtb/d85fbf00cd45c9e3b72251dd3fc619e415:15
magicaltroutthats absolutely amazing :)15:17
magicaltroutbasically you can't run docker on the same machine as a juju controller15:18
magicaltroutwithout it looping back in15:18
magicaltroutfml15:18
magicaltroutwell15:19
magicaltrouti can change the default docker0 ip i guess that'll stop it for now15:19
wpkmagicaltrout: ok, that's a serious bug15:31
wpkmagicaltrout: could you do ssh-keyscan 172.17.0.1 10.10.1.81 ?15:35
magicaltroutwpk: https://gist.github.com/buggtb/6b9a4fd460aa2ba84284c3ec847808f515:37
wpkthere's no output for 172.17.0.1?15:38
wpktry just ssh-keyscan 172.17.0.115:38
magicaltrouti have realised part of the problem15:40
magicaltroutthere is an ubuntu user locally which allows ssh loopback access to the jujucontroller user I have15:40
magicaltroutwhich is non-standard I accept :)15:40
magicaltroutso usually you wouldn't be able to login to yourself15:40
magicaltroutthat said, its still a bit weird how the docker interface gets preferential treatment over the interfaces you've declared15:41
wpkit's the fastest one15:42
wpksince both 172.17.0.1 and 10.10.1.81 are in private space15:42
wpkwe wouldn't know anything about docker, ip is an ip15:43
wpkhm, but still it shouldn't validate the host key on both IPs15:48
=== frankban is now known as frankban|afk
ryebotWhere can I find documentation for bootstrapping & adding units in an egress-restricted environment?20:59
bdxelasticsearch-peeps: http://paste.ubuntu.com/25825991/22:04
bdx:022:04
lazyPowernice22:06

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!