Using Juju

Now that you have OpenStack running you can use it as a backing cloud with
Juju.

Install Juju

Begin by installing Juju as a snap:

sudo snap install juju --classic

Set environment variables

Source the microstack.rc file to have the shell pick up values for environment variables:

source /var/snap/microstack/common/etc/microstack.rc

You can view these variables and their values in this way:

env | grep OS_

Later, we will need the value for OS_AUTH_URL in particular.

Generate image metadata for Juju

Juju needs to know how to find metadata for the images necessary for provisioning its machines. For private clouds such as OpenStack this must be done manually via Simplestreams.

First decide on a Ubuntu release. Here we’ll use Ubuntu 20.04 LTS (Focal), so we start by importing a Focal image into OpenStack:

OS_SERIES=focal
IMAGE_ID=$(curl \
   http://cloud-images.ubuntu.com/$OS_SERIES/current/$OS_SERIES-server-cloudimg-amd64.img | \
   microstack.openstack image create \
   --public --container-format=bare --disk-format=qcow2 \
   -f value -c id $OS_SERIES)

The image’s ID will be stored in variable IMAGE_ID. You can also list OpenStack images (and their IDs) in the usual way:

microstack.openstack image list

Next, generate the metadata:

mkdir ~/simplestreams
OS_REGION=microstack
juju metadata generate-image -d ~/simplestreams \
   -i $IMAGE_ID -s $OS_SERIES -r $OS_REGION -u $OS_AUTH_URL

See Cloud image metadata in the Juju documentation for extra information.

Add the cloud to Juju

Create a cloud definition file, say microstack.yaml, for the OpenStack cloud. Be sure to substitute in the values of $OS_REGION and $OS_AUTH_URL. The CA certificate found within /var/snap/microstack/common/etc/ssl/certs/cacert.pem must also be included:

clouds:
  microstack:
    type: openstack
    auth-types: [access-key,userpass]
    regions:
      $OS_REGION:
        endpoint: $OS_AUTH_URL
    ca-certificates:
      - |
        -----BEGIN CERTIFICATE-----
        MIIC/TCCAeWgAwIBAgIUTQtVCuZwkAlwpNbz//5m2eBojJ0wDQYJKoZIhvcNAQEL
        BQAwHDEaMBgGA1UEAwwRbm9kZS1sYXZlcmFuLm1hYXMwHhcNMjIxMDA0MTcwMDM5
        WhcNMzIxMDA0MTcwMDM5WjAcMRowGAYDVQQDDBFub2RlLWxhdmVyYW4ubWFhczCC
        ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3CQY2QKoVQFOFrt+7UBx7P
        UXT6qTHQ0HxLwxOTgYU1nQYvTg3NUOTewwOTMMEcRD05a4xHmU5A1bhTsMCus9KB
        7NoRO/YbWqpI12cRviiIGdZ/r2dZfozojgTHFeTHFzfCbxllCgnZAVTBhDNNesA2
        0x9mu1ToRc318PICuLqJw7eO7cv5HvVvrukCWQAcHnGlLRFUxUxW7DeX3PJZ6CIL
        QSCUGyDz5uHFjuLs/17IhCUyLaOE0NYM1KyyFXZvDp8IvbrH5j9Cdu79olg7QX5A
        KCpUI3M5Oarq/rcQm7mu5uTVDEiyl1E6nFbsW6FOQGZ+BZLD4G6zjVdcGesTh8cC
        AwEAAaM3MDUwDwYDVR0TBAgwBgEB/wIBADAiBgNVHREEGzAZghFub2RlLWxhdmVy
        YW4ubWFhc4cECvZyDDANBgkqhkiG9w0BAQsFAAOCAQEAhu37XlmjkNPj1O7gxxKj
        NHsSuCZKTi+bVaGdAExtHBXIUHy7+5FaYqTWn8g8aiQFAFkzaUWZSZeObE7FUN6A
        Vo3Hq2hDoDOz/u7UYFL/4ZtHfmdb94ZCRalTYEhnamwyIKabe9k2mclL2qIaEUHG
        O3UdFfdNrN/jTV3EiDH3DP/2uPHs9p+mP0GScH9CM7dReL3G/LYIPmh3QluyKEre
        XiZ9IFKpXMujnwtqX7DQEh6cXK0/AdbGRZolS9F4NMSIER8+SdvnKD0M7qPJOSKd
        vHnhrG8LGVyJlW1ZibvoFryktkqteicmOxDuIvEJwnSwMskcZpYz1OEUBdMUkaOX
        4w==
        -----END CERTIFICATE-----

Now add the cloud by referencing that file:

juju add-cloud --client microstack -f microstack.yaml

The command juju clouds --local should now list the cloud:

Clouds available on the client:
Cloud       Regions  Default     Type       Credentials  Source    Description
localhost   1        localhost   lxd        0            built-in  LXD Container Hypervisor
microstack  1        microstack  openstack  0            local     Openstack Cloud

Add the cloud credentials to Juju

Now supply cloud credential information to Juju. Use the autoload-credentials command to have Juju detect any defined environmental variables:

juju autoload-credentials

An interactive session will ensue where you will need to select the OpenStack credentials that the command has located. Here is an example:

Looking for cloud and credential information on local client...

1. LXD credential "localhost" (new)
2. openstack region "<unspecified>" project "admin" user "admin" (new)
3. rackspace credential for user "admin" (new)
Select a credential to save by number, or type Q to quit: 2

Select the cloud it belongs to, or type Q to quit [microstack]:

Saved openstack region "<unspecified>" project "admin" user "admin" to cloud microstack locally

1. LXD credential "localhost" (new)
2. openstack region "<unspecified>" project "admin" user "admin" (existing, will overwrite)
3. rackspace credential for user "admin" (new)
Select a credential to save by number, or type Q to quit: Q

Added credentials can be inspected with:

juju credentials --show-secrets --format yaml

Create the Juju controller

Create the Juju controller:

juju bootstrap --bootstrap-series=$OS_SERIES \
   --metadata-source=~/simplestreams \
   --model-default network=test \
   --model-default external-network=external \
   --bootstrap-constraints allocate-public-ip=true \
   microstack microstack

Refer to Configuring controllers for information on the options used in the above command.

Deploy a workload

We’ll now run a workload on the OpenStack cloud. Here, we’ll deploy a small Kubernetes cluster via the kubernetes-core bundle within the empty ‘default’ model:

juju deploy kubernetes-core

Once the output to juju status has settled run the demo Kubernetes “microbot” application that came with the bundle:

juju run-action --wait kubernetes-worker/0 microbot replicas=2

To confirm that the application is running you can query the cluster with the
kubectl utility:

mkdir ~/.kube
juju scp kubernetes-master/0:config ~/.kube/config
sudo snap install kubectl --classic

Sample output:

NAME                       READY   STATUS    RESTARTS   AGE
microbot-594cc9b87-77gjv   1/1     Running   0          7m44s
microbot-594cc9b87-nkrsk   1/1     Running   0          7m44s

To remove everything to do with Kubernetes run these commands:

juju destroy-model -y default
sudo snap remove kubectl
rm -rf ~/.kube

Last updated 5 months ago. Help improve this document in the forum.