In another run, there are two units that failed to put /etc/apache2/ssl/keystone/cert_<vip> and those two had FQDN compared to the succeeded one with hostname.
$ for i in {0..2}; do echo keystone/$i; juju ssh keystone/$i 'ls -l /etc/apache2/ssl/keystone/cert_192.168.151.99' 2>/dev/null ; done
keystone/0
ls: cannot access '/etc/apache2/ssl/keystone/cert_192.168.151.99': No such file or directory
keystone/1
lrwxrwxrwx 1 root root 50 Mar 23 07:13 /etc/apache2/ssl/keystone/cert_192.168.151.99 -> /etc/apache2/ssl/keystone/cert_juju-3f0619-1-lxd-0
keystone/2
ls: cannot access '/etc/apache2/ssl/keystone/cert_192.168.151.99': No such file or directory
There *is* a correlation. At the end of the day, it might be boiled down to the known issue to other charms than API services... /bugs.launchpad .net/charm- layer-ovn/ +bug/1896630
https:/
In another run, there are two units that failed to put /etc/apache2/ ssl/keystone/ cert_<vip> and those two had FQDN compared to the succeeded one with hostname.
$ for i in {0..2}; do echo keystone/$i; juju ssh keystone/$i 'ls -l /etc/apache2/ ssl/keystone/ cert_192. 168.151. 99' 2>/dev/null ; done ssl/keystone/ cert_192. 168.151. 99': No such file or directory ssl/keystone/ cert_192. 168.151. 99 -> /etc/apache2/ ssl/keystone/ cert_juju- 3f0619- 1-lxd-0 ssl/keystone/ cert_192. 168.151. 99': No such file or directory
keystone/0
ls: cannot access '/etc/apache2/
keystone/1
lrwxrwxrwx 1 root root 50 Mar 23 07:13 /etc/apache2/
keystone/2
ls: cannot access '/etc/apache2/
$ juju show-unit vault/0 --endpoint certificates jammy/vault- 93 endpoint: certificates -data: {}
cert_ requests: '{"juju- 3f0619- 0-lxd-0. maas": {"sans": ["192.168.151.122",
"192. 168.151. 99"]}}'
egress- subnets: 192.168.151.122/32
ingress- address: 192.168.151.122
private- address: 192.168.151.122
unit_ name: keystone_0
cert_ requests: '{"juju- 3f0619- 1-lxd-0" : {"sans": ["192.168.151.125", "192.168. 151.99" ]}}'
egress- subnets: 192.168.151.125/32
ingress- address: 192.168.151.125
private- address: 192.168.151.125
unit_ name: keystone_1
cert_ requests: '{"juju- 3f0619- 2-lxd-0. maas": {"sans": ["192.168.151.197",
"192. 168.151. 99"]}}'
egress- subnets: 192.168.151.197/32
ingress- address: 192.168.151.197
private- address: 192.168.151.197
unit_ name: keystone_2
vault/0:
workload-version: 1.8.8
machine: 0/lxd/2
opened-ports:
- 8200/tcp
public-address: 192.168.151.200
charm: ch:amd64/
leader: true
life: alive
relation-info:
- relation-id: 10
endpoint: certificates
related-
application
related-units:
keystone/0:
in-scope: true
data:
keystone/1:
in-scope: true
data:
keystone/2:
in-scope: true
data: