Recently on jujucharms.com we opened the public beta of JAAS — Juju as a Service. Let’s explore what JAAS is and how you can participate now in the beta.
Models and Controllers
First, a little background to put the changes we’ve introduced into context. Juju allows you to model your service-oriented architecture and manage the deployment to public clouds, OpenStack, local hardware, and containers. Using the GUI, which is installed with every deployment of Juju, you can visualise your model and configure the parts.
To manage the deployments, Juju requires a controller, a management node that keeps track of all of the components in your deployed model, handles scaling, and all of the other magic Juju does. When you use the command-line command
juju bootstrap you are simply creating a controller. If you’re using a public cloud, that controller is a resource you’re charged to use like any other machine. Bear in mind a highly available deployment will require multiple bootstrapped controllers, so your expense for those nodes will be tripled if you have three HA controllers.
Although it doesn’t take a long time to bootstrap a new controller, it isn’t instantaneous. Further, each controller is an island to itself, any configuration you make to one controller is not reflected in the others. Identity management is one type of configuration that is beneficial to share across models.
What JAAS introduces is a common controller that is always deployed that you can use to create your models — the things you actually care about. Since it is already running, and maintained by us, you can skip the
juju bootstrap step and simply start by using
juju add-model to begin your work.
Public beta of JAAS
For the public beta we have set up a controller for everyone to use. Every new model created at jujucharms.com/new is attached to the public controller. You can also access it from the command-line, which will be explained later.
So with the beta of JAAS we are providing:
- anonymous user access to modelling in the GUI from jujucharms.com/new,
- support for all three big clouds (AWS, Azure, and Google) through a single controller, available from a web browser or CLI,
- identity management across all models,
- user access management to models,
- model sharing via URLs, and
- everything else that Juju offers!
Use of the controller during the beta period will be free of charge! Models you create will use your public cloud credentials and you’ll be charged for them but the use of the controller is free.
To start modelling you don’t even have to be logged in. Just visit jujucharms.com/new and begin adding applications from the charm store to your model. When you’re done adding services, applying any custom configuration, and creating the relations between them you can download and save a bundle file or go ahead and deploy to a public cloud. To do the deployment you’ll need to provide your credentials for the cloud and your cloud provider will charge you for those instances you use. Once you’ve added your credentials to the controller they are securely stored for you and you can deploy future models using them.
Currently we have controllers in two regions for each of the three supported public clouds and will add more as use increases. We provide HA controllers in the U.S. and in Europe for each cloud.
Maintaining a production environment is a team effort so JAAS allows you to easily share access and management of your models with your project members. When you grant access to others they can see your model in the browser via jujucharms.com or by using Juju on the command line.
With recent changes to the GUI models are individually addressable via a shareable URL. For instance if I had a model named wordpress it could be shared and seen by going to jujucharms.com/u/bac/wordpress.
You can also see models shared with you by visiting your profile page at jujucharms.com/u/[your_user_name]. Here is the profile page of my colleague Jeff showing that I’ve shared my wordpress model with him. He’s also got another model shared by Uros.
Sharing can be done via the command line with the
juju grant command.
juju grant hatch@external read wordpress
Or in the GUI using the share button, seen below at the far right.
That button brings up a dialog that looks like
The user names must include a domain. Currently we use external (e.g. hatch@external) but that will change soon. So, for now, just append @external on the end of your collaborator’s Ubuntu SSO name. Use everyone@external to make a model publicly available.
If you have a model shared with you as read-only you clearly cannot make changes to it. But given the URL scheme used you can request changes from the model owner. Suppose Jeff is viewing my wordpress model and wants to add an HA Proxy service. While viewing my model he can search for HA Proxy and the resulting URL in the context of my wordpress model is https://jujucharms.com/u/bac/wordpress/haproxy/40. Jeff could then email me that URL and request I add it to the model. When I go directly to that URL I would merely click the Add to canvas button and it would be done.
JAAS controller registration
Models you create on jujucharms.com are already created using the JAAS controller. In order to use that controller from the command line, you need to first register it. This is done with the command:
$ juju register jimm.jujucharms.com
Adding a model
From the command line you add a model using
juju add-model. But when working with the JAAS controller you’ve got to provide information about the cloud and region to use since the controller knows about three public clouds with two regions each.
The following command will add a k8s model to the Google cloud using region us-east1 using the previously saved bac-gce credentials.
$ juju add-model k8s google/us-east1 --credential bac-gce
We have worked hard to bring JAAS to this point and it is very functional. This program is currently in a beta state. If you do encounter a bug please let us know by filing it at https://github.com/CanonicalLtd/jujucharms.com/issues. You can also reach the team in real-time in the #juju channel on Freenode IRC.
JAAS was introduced on the March 1, 2017, edition of the biweekly Juju Show live podcast. The recording can be found on YouTube.