Trying to debug an issue where I’m building a secure tunnel to the Region server from the Rack server over the internet. The region server is on a 10.196.136.x/28, and has a wireguard network of 10.196.5.x/26:
eth0: 10.196.36.132/28
wg0: 10.196.5.193/26
I have the MaaS URL configured to:
root@maas-poc1:/var/snap/maas# maas config
Mode: region
Settings:
maas_url=http://10.196.5.193:5240/MAAS
database_host=maas-poc1.postgres.mydomain
database_port=5432
database_name=maas-poc1
database_user=myuser@maas-poc1
database_pass=(hidden)
You can see that the URL is pointing to the IP on the wireguard interface.
When I curl the MAAS/rpc/ interface, though, the endpoints being advertised are for the eth0 network:
# note that I'm connecting to the wireguard IP)
# curl http://10.196.5.193:5240/MAAS/rpc/ 2>/dev/null | jq
{
"eventloops": {
"maas-poc1:pid=12057": [
[
"10.196.36.132",
5253
]
],
"maas-poc1:pid=12058": [
[
"10.196.36.132",
5252
]
],
"maas-poc1:pid=12059": [
[
"10.196.36.132",
5251
]
],
"maas-poc1:pid=12060": [
[
"10.196.36.132",
5250
]
]
}
}
I haven’t been able to tell for certain if this is related to a getHost() in a Twisted call or not yet, but it seems likely that something in the backend RPC code is looking at either the hostname or just the IP on the default route. I wanted to get this in front of the people who were more familiar with the system than I am.
I am assuming this is unintended behavior, but if I’m doing something wrong, please let me know.
Thanks!
–Matt