Hi folks, I wonder if any of you have had this problem before but Juju and Openstack are resetting my secgroup rules every night. I hope this is comprehensible without much details as it involves private deployment info... I know this is not strictly speaking 100% Juju but anyway...
Juju creates the secgroup for Nova, right? I am manually setting a nova secgroup-add-rule for port 22 like the following: nova secgroup-add-rule groupname tcp 22 22 ipaddress/32 However, my other rules (ICMP etc) are kept between days, but SSH rules for port 22 are being reset and disappearing overnight. Is it a known issue or expected behavior with Juju and Openstack? I was told Juju or Openstack (no idea who is at faul here, really) might reset the secgroups from time to time (when exactly?) if the specified port in the rule is not open in the Juju units. Ok, so I have created this charm https://jujucharms.com/u/caio1982/open-port/ and I confirm that now port 22 is open in all the related units whose IPs are in the secgroup rules. Still, all SSH rules for port 22 are being reset every single night. Does it make sense? Right now I have an extra secgroup rule for 0.0.0.0/0 too, just to see what happens tonight. I would really love to understand why Juju and Openstack are not playing nice together with my secgroup rules :-( — Caio Begotti [ˈka.jo | be.ˈgɔ.t͡ʃi]
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju