Deploying Apps on OpenStack¶
Juju allows deploying charm/bundles on different clouds, including your private OpenStack cloud or public clouds like AWS, Azure, Google.
We explain here how to install Juju and to use it for deploying applications on your private OpenStack cloud based on the GARR Cloud.
Note: These instructions are valid for Juju version 2.1 - 2.2. Instructions for Juju v2.0 are available here
Install the software¶
We assume you have a server running Ubuntu Xenial (16.04), where to install the Juju client.
The Juju client provides the CLI to your Juju platform.
For installing Juju on a different platform, see the Getting Started with Juju.
The Juju client may also be a VM running on your OpenStack project. Follow the steps in the Quick Start Guide on VM to create a VM on OpenStack
Login to your node and do the following.
Install Juju by doing this:
$ sudo apt-get update $ sudo add-apt-repository -u ppa:juju/stable $ sudo apt install juju
Setup a private cloud¶
In order for Juju to orchestrate the deployment of your applications on your project, you need to create a private OpenStack cloud on that project.
Create a Juju environment file¶
We will use mycloud as the name of your private cloud.
Create a YAML file mycloud.yaml defining an OpenStack cloud called $CLOUD_NAME:
clouds: $CLOUD_NAME: type: openstack auth-types: [access-key, userpass] regions: $REGION: endpoint: https://keystone.cloud.garr.it:5000/v3
Create also a YAML file mycredentials.yaml defining the credentials for $CLOUD_NAME:
credentials: $CLOUD_NAME: $CREDENTIAL_NAME: auth-type: userpass project-domain-name: cloudusers user-domain-name: cloudusers tenant-name: $MYPROJECT username: $USERNAME password: $PASSWD
Where the following need to be substituted with actual values:
$CLOUD_NAME is the name given to the cloud $CREDENTIAL_NAME is the name given to the set of credentials; $REGION is the actual name of one the OpenStack regions, e.g. garr-ct1 or garr-pa1 $USERNAME and $PASSWD are the username and password of a GARR Cloud user with access to the project $MYPROJECT, where the private OpenStack cloud will be setup.
Note the authentication endpoint and the region name which correspond to the currently active region of the GARR Cloud.
Warning: the user must be Member (not Admin) of the project where Juju will be installed.
Create configuration file for the GARR Cloud¶
Add another file called config.yaml containing some further configuration parameters specific to the GARR cloud:
network: default use-floating-ip: true external-network: floating-ip
- network is the name of the private network used by Juju to attach the instances (in this case we use the shared network called default)
- external-network is the name of the public network which provides the floating IPs to the instances (the name of the public network of the GARR cloud is floating-ip)
- use-floating-ip: true means that Juju will assign a public floating IP to the created instances.
Add the cloud¶
Add the cloud $CLOUD_NAME to the list of Juju clouds by issuing the following command:
$ juju add-cloud $CLOUD_NAME mycloud.yaml --replace
Add the user credentials for your cloud by issuing the command:
$ juju add-credential $CLOUD_NAME -f mycredentials.yaml --replace
Check the results with:
$ juju show-cloud $CLOUD_NAME $ juju list-credentials --format yaml --show-secrets
Create a controller¶
Before you can start deploying applications, Juju needs to create a controller for $CLOUD_NAME. The controller manages the models you create to host the applications. A model groups the VMs that support an application.
The juju bootstrap command is used to create the controller. The command expects the cloud name you have added and a name for the controller:
$ juju bootstrap $CLOUD_NAME $CONTROLLER_NAME --config config.yaml --bootstrap-series=$SERIES --debug
where $CONTROLLER_NAME is the name given to the controller and $SERIES is a chosen/available Ubuntu series (e.g. xenial or bionic).
You can check that the controller has been created:
$ juju controllers
This will return a list of the controllers known to Juju, which at the moment is the one we just created:
Use --refresh flag with this command to see the latest information. Controller Model User Access Cloud/Region Models Machines HA Version $CONTROLLER_NAME* default admin superuser $CLOUD_NAME/region-ct1-cl1 2 1 none 2.1.2
The following command shows the currently active controller, model, and user:
$ juju whoami
In our example, the output should look like this:
Controller: $CONTROLLER_NAME Model: default User: admin
Controller, models, user management¶
Let’s have now a quick tour around the main functionalities available to manage the Juju cloud.
Give these commands to get the list of controllers, models and users:
$ juju controllers $ juju models $ juju users
switch to the model controller which hosts the controller node:
$ juju switch controller
Verify the status of the model and of the hosted VMs:
$ juju status
Change the admin password:
$ juju change-user-password
Get the URL of the juju GUI:
$ juju gui
The output will be something like:
GUI 2.5.2 for model "admin/controller" is enabled at: https://192.168.251.95:17070/gui/u/admin/controller Your login credential is: username: admin password: <unknown> (password has been changed by the user)
You can now open the URL given above on a browser to access the Juju GUI.
Note 1: juju gui may return the private address of the controller in the URL. Please replace this adress with the public IP of the controller (shown by juju status).
Note 2: Juju gui does not open on some browser (e.g. Safari). Use chrome which has been proven to work on any platform.
Use the following command to create a new model:
$ juju add-model --config config.yaml $MODEL_NAME
The output of the command is:
Using credential '$CREDENTIAL_NAME' cached in controller Added '$MODEL_NAME' model on $CLOUD_NAME/region-ct1-cl1 with credential '$CREDENTIAL_NAME' for user 'admin'
Use the following command to create a new user:
$ juju add-user $USER_NAME
The output of the command is:
User "$USER_NAME" added Please send this command to $USER_NAME: juju register MGITBXBpcHBvMCwTFDE5Mi4xNjguMjUxLjk1OjE3MDcwExQ5MC4xNDcuMTY3LjIyNjoxNzA3MAQgnNKfLoOaijdG_UMaIYdCKYKMno_5_YbN1SVnV-gEkvMTCWdhcnItY3RybAA= "$USER_NAME" has not been granted access to any models. You can use "juju grant" to grant access.
Note the command juju register to send to the user. He/she will issue this command from his/her Juju cli to have access to this Juju cloud. The user will be asked to set a new password that will allow him/her to access to the Juju GUI.
Now add a ssh key-pair to Juju:
$ juju add-ssh-key "<public-key>"
The public key will be injected to the created VMs and will allow users to log into the nodes with the usual command:
$ ssh -i <private-key> ubuntu@IP.
Finally, let’s grant the role admin to the new user on the new model:
$ juju grant $USER_NAME admin $MODEL_NAME