Open dragomirp opened 3 weeks ago
@dragomirp please add details on how to create the model. Unfortunately the reproducer does not use a juju_model resource as expected. Without the details I'm unable to reproduce.
It'd be helpful to understand the series of steps run with the juju client as it does not appear the juju client does anything special.
@dragomirp please add details on how to create the model. Unfortunately the reproducer does not use a juju_model resource as expected. Without the details I'm unable to reproduce.
Hi, @hmlanigan, model should be a k8s model and should be a variable input.
> juju controllers
Use --refresh option with this command to see the latest information.
Controller Model User Access Cloud/Region Models Nodes HA Version
microk8s-localhost* test-app admin superuser microk8s/localhost 2 - - 3.5.4
You should be able to create a model and apply with:
> juju add-model test-limits
> terraform plan -var model_name=test-limits
> terraform apply -var model_name=test-limits
The postgresql-k8s charm in the applied model should eventually error out due to the double certificates integration:
> juju status --relations
Model Controller Cloud/Region Version SLA Timestamp
test-limits microk8s-localhost microk8s/localhost 3.5.4 unsupported 17:31:57+03:00
App Version Status Scale Charm Channel Rev Address Exposed Message
certificates active 1 self-signed-certificates latest/stable 155 10.152.183.101 no
certificates2 active 1 self-signed-certificates latest/stable 155 10.152.183.108 no
postgresql-k8s 14.12 error 2 postgresql-k8s 14/stable 381 10.152.183.63 no hook failed: "certificates-relation-joined"
Unit Workload Agent Address Ports Message
certificates2/0* active idle 10.1.143.80
certificates/0* active idle 10.1.143.90
postgresql-k8s/0 error idle 10.1.143.72 hook failed: "certificates-relation-joined" for certificates2:certificates
postgresql-k8s/1* active executing 10.1.143.99 Primary
Integration provider Requirer Interface Type Message
certificates2:certificates postgresql-k8s:certificates tls-certificates regular
certificates:certificates postgresql-k8s:certificates tls-certificates regular
postgresql-k8s:database-peers postgresql-k8s:database-peers postgresql_peers peer
postgresql-k8s:restart postgresql-k8s:restart rolling_op peer
postgresql-k8s:upgrade postgresql-k8s:upgrade upgrade peer
The issue should be reproducible with other charms that set requires limit. I don't know if provides limit is affected.
Description
Interface limits set in a charm's metadata.yaml will not be respected when deploying with terraform and can cause a charm to end up with more integrations than is expected.
Urgency
Blocker for our release
Terraform Juju Provider version
0.14.0
Terraform version
1.9.7
Juju version
3.5.4
Terraform Configuration(s)
Reproduce / Test
Both
self-signed-certificates
will integrate with thepostgresql-k8s
charm which will start failing due to the duplicate connection. Thepostgresql-k8s
is limiting thecertificates
integration to 1.App Version Status Scale Charm Channel Rev Address Exposed Message certificates active 1 self-signed-certificates latest/stable 155 10.152.183.115 no
certificates2 active 1 self-signed-certificates latest/stable 155 10.152.183.250 no
postgresql-k8s 14.12 error 2 postgresql-k8s 14/stable 381 10.152.183.24 no hook failed: "certificates-relation-changed"
Unit Workload Agent Address Ports Message certificates2/0 active idle 10.1.143.92
certificates/0 active idle 10.1.143.109
postgresql-k8s/0 error idle 10.1.143.79 hook failed: "certificates-relation-changed" for certificates2:certificates postgresql-k8s/1* error idle 10.1.143.75 hook failed: "certificates-relation-joined" for certificates:certificates
Integration provider Requirer Interface Type Message certificates2:certificates postgresql-k8s:certificates tls-certificates regular
certificates:certificates postgresql-k8s:certificates tls-certificates regular
postgresql-k8s:database-peers postgresql-k8s:database-peers postgresql_peers peer
postgresql-k8s:restart postgresql-k8s:restart rolling_op peer
postgresql-k8s:upgrade postgresql-k8s:upgrade upgrade peer