| TheAbsentOne | Owkey I'm gonna try this here too guys, maybe a genius, as you all are, can help me. So I'm having the same issue for mysql as for postgres. I want to edit privileges so the credentials I (correctly receive) also allow a completely different host to use them and connect to the database. | 07:04 |
|---|---|---|
| TheAbsentOne | For mysql I had the idea to use pymysql (a library) and connect from within my charm (that is directly connected to mysql). I can connect and use the database perfectly. So I thought I'm gonna run a grant all privileges query from within this charm. I noticed however that the created user doesn't have grant privileges. | 07:04 |
| TheAbsentOne | This means that I cannot edit the newly created user to allow him to access from other hosts but the direct connected charm. Hence I'm stuck, does anyone know a workaround? | 07:05 |
| === TAO is now known as Guest58574 | ||
| stub | TheAbsentOne: Either the pgbouncer charm is broken, or you are attempting to connect to the PostgreSQL server directly rather than via the pgbouncer proxy. If the '...' in 'rejects connection for host ...' is the pgbouncer IP address, then the charm is broken. | 07:28 |
| TheAbsentOne | stub: when trying to connect with adminer from my charm (directly connected to pgbouncer) to pgbouncer I receive: "Unable to connect to PostgreSQL server: could not connect to server: Connection refused Is the server running on host "10.10.139.97" and accepting TCP/IP connections on port 5432?" | 07:32 |
| TheAbsentOne | the portnumber I received however was "6432" unsure if that is the issue | 07:33 |
| stub | pgbouncer by default runs on a different port, so if you use a different port than what you were given it will not work. | 07:35 |
| TheAbsentOne | a netstat shows he listens on 6432, so it might be adminer here | 07:36 |
| TheAbsentOne | stub it was the port, I didn't check it my bad! Just like you said it works from my far away charm as well! A huge thanks man, I'm glad this means I have at least postgres working now <3 | 07:39 |
| TheAbsentOne | You don't have, by any chance, an idea to work around my mysql issue? | 07:39 |
| stub | I'm not at all familiar with mysql, and only vaguely with the charm. I think it has an administrative as well as a standard relation endpoint? You might need to use the adminstrative one if you need more privs | 07:40 |
| stub | Devs like their apps to bootstrap their own schema, but DBAs and security analysts like the apps to run with restricted permissions and setup to be done from an isolated system with the higher level of privs. | 07:43 |
| TheAbsentOne | yeah I completely understand and I think it's a good security measure stub, I'm using the mysql-shared interface and the interfaces I'm gonna try with the mysql-root interface now | 07:44 |
| TheAbsentOne | I'm just a bit stunned from the sql part, stub. I thought it would be possible for a user to grant himself privileges to add more host support but it seems that's impossible :/ | 07:45 |
| TheAbsentOne | anyways big thanks man! | 07:46 |
| cablekevin | Question, i can't find a known bug regarding to JuJu and MAAS (in particular | 13:51 |
| cablekevin | file:"github.com/juju/gomaasapi/controller.go", line:885). The controller forces it to use a wrong URL to get the MAAS version. | 13:51 |
| cablekevin | Output of JuJu: https://pastebin.com/VJKHittk | 13:51 |
| cablekevin | Pardon me for my crappy copy/paste | 13:51 |
| cablekevin | Bootstrapping juju doesn't really want to work for me because of this issue | 13:54 |
| cablekevin | The request URL is clearly not correct | 13:54 |
| rick_h_ | cablekevin: is that the url in your cloud setup? You did an add-cloud for MAAS and told it where the MAAS was? It should verify it can contact the MAAS as part of that add-cloud walk through | 14:48 |
| cablekevin | hi rick_h_ | 14:54 |
| cablekevin | the result of juju show-cloud is: endpoint: http://192.168.188.2/MAAS | 14:54 |
| cablekevin | and that is valid | 14:54 |
| cablekevin | but what i see is that the endpoint "/MAAS/api/2.0/version" does not work and "/MAAS/api/version" works | 14:55 |
| cablekevin | However when juju is bootstrapping i cannot specify that specific endpoint (not that i want to do so) | 14:55 |
| rick_h_ | cablekevin: what version of Juju is this? | 14:55 |
| cablekevin | Maas: 2.3.3 and Juju: 2.3.8 | 14:56 |
| cablekevin | On Xenial | 14:56 |
| rick_h_ | cablekevin: hmm http://maas.mydomain/MAAS/api/2.0/version/ does work for me on my MAAS | 14:56 |
| rick_h_ | cablekevin: it should work with the trailing / | 14:56 |
| rick_h_ | cablekevin: which is in the log you pasted | 14:57 |
| cablekevin | hmmmm let me check | 14:57 |
| cablekevin | i can confirm that the trailing "/" makes it work | 14:57 |
| rick_h_ | cablekevin: so I read the log that the juju client in question is having a hard time reaching the IP address vs the URL being incorrect | 14:58 |
| cablekevin | you are correct | 14:58 |
| cablekevin | it's weird, it should be correct | 14:59 |
| cablekevin | and it should work actually | 14:59 |
| cablekevin | i think my internal/external addresses are being mixed up | 15:01 |
| cablekevin | thanks for pointing me in another direction other than what i was gazing at | 15:01 |
| rick_h_ | cablekevin: np, let me know if we can help in any way. Appreciate you pushing through it. | 15:02 |
| cablekevin | it's working now :) | 15:45 |
| cablekevin | learned a lot by getting it done the hard way | 15:45 |
| cablekevin | really appreciate it rick_h_ | 15:45 |
| cory_fu_ | jamespage: You around? | 15:54 |
| jamespage | cory_fu_: yeah sorry sound was muted - missed your ping! | 16:08 |
| rick_h_ | cablekevin: awesome, glad you got it running | 16:09 |
| cory_fu_ | jamespage: No worries. You up for cutting a charmhelpers release? Or any objection to me doing it? | 16:17 |
| jamespage | cory_fu_: please feel free! | 16:17 |
| cory_fu_ | jamespage: +1 Thanks | 16:18 |
| cory_fu_ | jamespage: Was going to call this 0.19.0 to follow semver, since goal_state is a new feature, but it's a pretty small release, so just wanted to make sure you didn't prefer 0.18.12 | 16:22 |
| jamespage | cory_fu_: lets go with 0.19.0 | 16:22 |
| cory_fu_ | jamespage, kwmonroe: 0.19.0 is out | 16:26 |
| === TAO is now known as Guest20202 | ||
| kwmonroe | +100 | 16:39 |
| kwmonroe | thx cory_fu_ | 16:39 |
| kwmonroe | 9 for you | 16:39 |
| TheAbsentOne | hey kwmonroe you don't have, by any chance, a minimal working example for your mysql-root interface that requests a database as well. I'm kinda confused with the documentation :s | 16:41 |
| ItsAllRigh | Anyone able to help out with a 'space binding' issue with deployments? | 19:59 |
| KingJ | Silly question... can Juju's controller be in a different cloud to the machines it orchestrates? I want to deploy my Juju controller on AWS/GKE etc, but actually deploy to bare-metal machines locally via MAAS. | 21:27 |
| wpk | KingJ: Single model needs to be on the same cloud, controller can control multiple models on different clouds. As long as there's connectivity between controller and machines in the model. | 22:18 |
| KingJ | So the initial model needs to be in the controller's cloud, but subsequent models that are created can be targeted to any cloud so long as there is connectivity between the controller in cloud A and machines in cloud B? What connectivity is needed - just Machines->Juju plus Juju->Cloud API or does Juju need to be able to reach the machines directly? | 22:22 |
| wpk | IIRC you are correct (regarding the connectivity) | 22:29 |
| KingJ | Great, thanks for the info :) | 22:30 |
| rick_h_ | KingJ: no, you have to have the controller on the same cloud so it's using the same provider but can do different regions of that cloud | 22:58 |
| rick_h_ | KingJ: JAAS provides a cross public cloud but doesn't work with MAAS since that's got a lot of requirements to make sure your private network/etc in MAAS can reach out | 22:59 |
| rick_h_ | and howdy wpk :) | 22:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!