Controller spaces


#1

Hello!

With juju 2.6.2, I create a controller with

$ juju spaces
Space   Subnets
admin   10.99.0.0/16
public  10.66.0.0/16
$ juju bootstrap mymaas \
	--no-gui \
	--bootstrap-constraints "tags=juju-controller spaces=public" \
	--constraints "spaces=public" \
	--config juju-ha-space=public \
	--config juju-mgmt-space=public \
	mycontroller

and yet, the controller uses all the interfaces:

[...]
Juju GUI installation has been disabled
Waiting for address
Attempting to connect to 10.99.100.162:22
Attempting to connect to 10.66.101.112:22
Connected to 10.66.101.112
Running machine configuration script...
Bootstrap agent now started
Contacting Juju controller at 10.99.100.162 to verify accessibility...
Bootstrap complete, controller "control" now is available
Controller machines are in the "controller" model
Initial model "default" added

The controller is indeed listening on 10.99.100.162:17070. I don’t want 10.99 to be used, by any application except deployment through pxe.

The space constraints are effective when I create models, but how can I configure the controller as well?

Thanks


#2

The juju-mgmt-space applies to Juju agents, but clients still choose from a list of all available interfaces.

This is specifically to prevent clients from being locked out by errant settings.

If you check agent logs, they should only be using addresses in the space that you configured.


#3

Thanks. That’s reassuring, and I have not had any problem since configuring the spaces.