Deploying Apps on OpenStack

Juju allows deploying charm/bundles on different clouds, including your private OpenStack cloud or public clouds like AWS, Azure, Google.

We explain here how to install Juju and to use it for deploying applications on your private OpenStack cloud based on the GARR Cloud.

Note: These instructions are valid for Juju version 2.1 - 2.2. Instructions for Juju v2.0 are available here

Install the software

We assume you have a server running Ubuntu Xenial (16.04), where to install the Juju client.

The Juju client provides the CLI to your Juju platform.

For installing Juju on a different platform, see the Getting Started with Juju.

The Juju client may also be a VM running on your OpenStack project. Follow the steps in the Quick Start Guide on VM to create a VM on OpenStack

Login to your node and do the following.

Install Juju by doing this:

$ sudo apt-get update
$ sudo add-apt-repository -u ppa:juju/stable
$ sudo apt install juju

Setup a private cloud

In order for Juju to orchestrate the deployment of your applications on your project, you need to create a private OpenStack cloud on that project.

Create a Juju environment file

We will use mycloud as the name of your private cloud.

Create a YAML file mycloud.yaml defining an OpenStack cloud called $CLOUD_NAME:

    type: openstack
    auth-types: [access-key, userpass]

Create also a YAML file mycredentials.yaml defining the credentials for $CLOUD_NAME:

      auth-type: userpass
      project-domain-name: cloudusers
      user-domain-name: cloudusers
      tenant-name: $MYPROJECT
      username: $USERNAME
      password: $PASSWD

Where the following need to be substituted with actual values:

$CLOUD_NAME is the name given to the cloud
$CREDENTIAL_NAME is the name given to the set of credentials;
$REGION is the actual name of one the OpenStack regions, e.g. garr-ct1 or garr-pa1
$USERNAME and $PASSWD are the username and password of a GARR Cloud user with access to the project $MYPROJECT, where the private OpenStack cloud will be setup.

Note the authentication endpoint and the region name which correspond to the currently active region of the GARR Cloud.

Warning: the user must be Member (not Admin) of the project where Juju will be installed.

Create configuration file for the GARR Cloud

Add another file called config.yaml containing some further configuration parameters specific to the GARR cloud:

network: default
use-floating-ip: true
external-network: floating-ip


  • network is the name of the private network used by Juju to attach the instances (in this case we use the shared network called default)
  • external-network is the name of the public network which provides the floating IPs to the instances (the name of the public network of the GARR cloud is floating-ip)
  • use-floating-ip: true means that Juju will assign a public floating IP to the created instances.

Add the cloud

Add the cloud $CLOUD_NAME to the list of Juju clouds by issuing the following command:

$ juju add-cloud $CLOUD_NAME mycloud.yaml --replace

Add the user credentials for your cloud by issuing the command:

$ juju add-credential $CLOUD_NAME -f mycredentials.yaml --replace

Check the results with:

$ juju show-cloud $CLOUD_NAME
$ juju list-credentials --format yaml --show-secrets

Create a controller

Before you can start deploying applications, Juju needs to create a controller for $CLOUD_NAME. The controller manages the models you create to host the applications. A model groups the VMs that support an application.

The juju bootstrap command is used to create the controller. The command expects the cloud name you have added and a name for the controller:

$ juju bootstrap $CLOUD_NAME $CONTROLLER_NAME --config config.yaml --bootstrap-series=$SERIES --debug

where $CONTROLLER_NAME is the name given to the controller and $SERIES is a chosen/available Ubuntu series (e.g. xenial or bionic).

You can check that the controller has been created:

$ juju controllers

This will return a list of the controllers known to Juju, which at the moment is the one we just created:

Use --refresh flag with this command to see the latest information.

Controller           Model    User   Access     Cloud/Region             Models  Machines    HA  Version
$CONTROLLER_NAME*  default  admin  superuser  $CLOUD_NAME/region-ct1-cl1      2         1  none  2.1.2

The following command shows the currently active controller, model, and user:

$ juju whoami

In our example, the output should look like this:

Model:       default
User:        admin

Controller, models, user management

Let’s have now a quick tour around the main functionalities available to manage the Juju cloud.

Give these commands to get the list of controllers, models and users:

$ juju controllers
$ juju models
$ juju users

switch to the model controller which hosts the controller node:

$ juju switch controller

Verify the status of the model and of the hosted VMs:

$ juju status

Change the admin password:

$ juju change-user-password

Get the URL of the juju GUI:

$ juju gui

The output will be something like:

GUI 2.5.2 for model "admin/controller" is enabled at:
Your login credential is:
   username: admin
   password: <unknown> (password has been changed by the user)

You can now open the URL given above on a browser to access the Juju GUI.


Note 1: juju gui may return the private address of the controller in the URL. Please replace this adress with the public IP of the controller (shown by juju status).


Note 2: Juju gui does not open on some browser (e.g. Safari). Use chrome which has been proven to work on any platform.

Use the following command to create a new model:

$ juju add-model --config config.yaml $MODEL_NAME

The output of the command is:

Using credential '$CREDENTIAL_NAME' cached in controller
Added '$MODEL_NAME' model on $CLOUD_NAME/region-ct1-cl1 with credential '$CREDENTIAL_NAME' for user 'admin'

Use the following command to create a new user:

$ juju add-user $USER_NAME

The output of the command is:

User "$USER_NAME" added
Please send this command to $USER_NAME:
    juju register MGITBXBpcHBvMCwTFDE5Mi4xNjguMjUxLjk1OjE3MDcwExQ5MC4xNDcuMTY3LjIyNjoxNzA3MAQgnNKfLoOaijdG_UMaIYdCKYKMno_5_YbN1SVnV-gEkvMTCWdhcnItY3RybAA=

"$USER_NAME" has not been granted access to any models. You can use "juju grant" to grant access.

Note the command juju register to send to the user. He/she will issue this command from his/her Juju cli to have access to this Juju cloud. The user will be asked to set a new password that will allow him/her to access to the Juju GUI.

Now add a ssh key-pair to Juju:

$ juju add-ssh-key "<public-key>"

The public key will be injected to the created VMs and will allow users to log into the nodes with the usual command:

$ ssh -i <private-key> ubuntu@IP.

Finally, let’s grant the role admin to the new user on the new model:

$ juju grant $USER_NAME admin $MODEL_NAME

Deploy applications

Juju is now ready to deploy applications from among the hundreds included in the Juju charm store.

Switch to the newly created model:

$ juju switch $MODEL_NAME

and follow this link to learn how to deploy a Juju charm using the CLI.