https://juju.is/docs/juju/get-started-with-juju # 安裝設定 Juju 及 LXD > 似乎會受到系統上 Docker 的影響，最好先停掉所有 Docker 的服務。 https://juju.is/docs/olm/lxd ```shell $ sudo snap install juju --channel=2.9/stable --classic ... juju (2.9/stable) 2.9.44 from Canonical✓ installed $ sudo snap install lxd --channel=5.15/stable ... lxd 5.15-002fa0f from Canonical✓ installed $ newgrp lxd $ sudo adduser $USER lxd $ lxd init --auto $ lxc network set lxdbr0 ipv6.address none $ sudo apt install linux-generic-hwe-20.04 # linux-generic 5.4 doesn't work for the following `juju bootstrap`. $ reboot $ juju list-controllers ERROR No controllers registered. Please either create a new controller using "juju bootstrap" or connect to another controller that you have been given access to using "juju register". $ sudo juju bootstrap localhost overlord Creating Juju controller "overlord" on localhost/localhost Looking for packaged Juju agent version 2.9.44 for amd64 Located Juju agent version 2.9.44-ubuntu-amd64 at https://streams.canonical.com/juju/tools/agent/2.9.44/juju-2.9.44-linux-amd64.tgz To configure your system to better support LXD containers, please see: https://linuxcontainers.org/lxd/docs/master/explanation/performance_tuning/ Launching controller instance(s) on localhost/localhost... - juju-ba91eb-0 (arch=amd64) Installing Juju agent on bootstrap instance Fetching Juju Dashboard 0.8.1 Waiting for address ... $ juju clouds Only clouds with registered credentials are shown. There are more clouds, use --all to see them. Clouds available on the controller: Cloud Regions Default Type localhost 1 localhost lxd Clouds available on the client: Cloud Regions Default Type Credentials Source Description localhost 1 localhost lxd 1 built-in LXD Container Hypervisor $ lxc list +---------------+---------+---------------------+-----------------------------------------------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +---------------+---------+---------------------+-----------------------------------------------+-----------+-----------+ | juju-58eb5e-0 | RUNNING | 10.29.67.162 (eth0) | fd42:eeaf:5b77:3c91:216:3eff:fe50:b30a (eth0) | CONTAINER | 0 | +---------------+---------+---------------------+-----------------------------------------------+-----------+-----------+ ``` # 使用 LXD charm https://charmhub.io/lxd https://github.com/canonical/charm-lxd ```shell $ juju add-model lxd Added 'lxd' model on localhost/localhost with credential 'localhost' for user 'admin' $ juju switch lxd overlord:admin/lxd (no change) $ juju deploy ch:lxd --num-units 2 Located charm "lxd" in charm-hub, revision 291 Deploying "lxd" from charm-hub charm "lxd", revision 291 in channel stable on jammy $ juju config lxd lxd-listen-https=true $ juju expose lxd $ juju status Model Controller Cloud/Region Version SLA Timestamp lxd overlord localhost/localhost 2.9.44 unsupported 21:06:09+08:00 App Version Status Scale Charm Channel Rev Exposed Message lxd active 2 lxd stable 291 yes Unit Workload Agent Machine Public address Ports Message lxd/0* active idle 0 10.67.167.95 8443/tcp lxd/1 active idle 1 10.67.167.98 8443/tcp Machine State Address Inst id Series AZ Message 0 started 10.67.167.95 juju-a5c6cc-0 jammy Running 1 started 10.67.167.98 juju-a5c6cc-1 jammy Running $ juju run-action lxd/0 add-trusted-client cert="$(cat ~/snap/lxd/common/config/client.crt)" --wait unit-lxd-0: UnitId: lxd/0 id: "26" results: result: The client certificate is now trusted status: completed timing: completed: 2023-07-23 14:15:26 +0000 UTC enqueued: 2023-07-23 14:15:21 +0000 UTC started: 2023-07-23 14:15:25 +0000 UTC $ juju run-action lxd/1 add-trusted-client cert="$(cat ~/snap/lxd/common/config/client.crt)" --wait unit-lxd-1: UnitId: lxd/1 id: "28" results: result: The client certificate is now trusted status: completed timing: completed: 2023-07-23 14:15:45 +0000 UTC enqueued: 2023-07-23 14:15:40 +0000 UTC started: 2023-07-23 14:15:44 +0000 UTC $ lxc remote add r1 10.67.167.95:8443 $ lxc remote add r2 10.67.167.98:8443 $ lxc remote ls +-----------------+------------------------------------------+---------------+-------------+--------+--------+--------+ | NAME | URL | PROTOCOL | AUTH TYPE | PUBLIC | STATIC | GLOBAL | +-----------------+------------------------------------------+---------------+-------------+--------+--------+--------+ | images | https://images.linuxcontainers.org | simplestreams | none | YES | NO | NO | +-----------------+------------------------------------------+---------------+-------------+--------+--------+--------+ | local (current) | unix:// | lxd | file access | NO | YES | NO | +-----------------+------------------------------------------+---------------+-------------+--------+--------+--------+ | r1 | https://10.67.167.95:8443 | lxd | tls | NO | NO | NO | +-----------------+------------------------------------------+---------------+-------------+--------+--------+--------+ | r2 | https://10.67.167.98:8443 | lxd | tls | NO | NO | NO | +-----------------+------------------------------------------+---------------+-------------+--------+--------+--------+ | ubuntu | https://cloud-images.ubuntu.com/releases | simplestreams | none | YES | YES | NO | +-----------------+------------------------------------------+---------------+-------------+--------+--------+--------+ | ubuntu-daily | https://cloud-images.ubuntu.com/daily | simplestreams | none | YES | YES | NO | +-----------------+------------------------------------------+---------------+-------------+--------+--------+--------+ ``` # 使用 Jenkins charm https://charmhub.io/jenkins https://charmhub.io/jenkins-agent ```shell $ juju info jenkins name: jenkins publisher: Charm CI/CD team summary: Jenkins Continuous Integration Server ... supports: xenial, bionic, focal ... $ juju info jenkins-agent name: jenkins-agent publisher: Jenkins CI Charmers ... supports: xenial, bionic, focal ... $ juju add-model jenkins Added 'jenkins' model on localhost/localhost with credential 'localhost' for user 'admin' $ juju switch jenkins overlord:admin/jenkins (no change) $ juju status Model Controller Cloud/Region Version SLA Timestamp jenkins overlord localhost/localhost 2.9.44 unsupported 19:39:15+08:00 Model "admin/jenkins" is empty. $ juju deploy jenkins --series focal Located charm "jenkins" in charm-hub, revision 42 Deploying "jenkins" from charm-hub charm "jenkins", revision 42 in channel stable on focal $ juju deploy jenkins-agent --series focal Located charm "jenkins-agent" in charm-hub, revision 18 Deploying "jenkins-agent" from charm-hub charm "jenkins-agent", revision 18 in channel stable on focal $ juju expose jenkins $ juju add-relation jenkins jenkins-agent $ juju status --relations Model Controller Cloud/Region Version SLA Timestamp jenkins overlord localhost/localhost 2.9.44 unsupported 20:24:35+08:00 App Version Status Scale Charm Channel Rev Exposed Message jenkins active 1 jenkins stable 42 yes Jenkins is running jenkins-agent active 1 jenkins-agent stable 18 no ready - using jenkins from relation Unit Workload Agent Machine Public address Ports Message jenkins-agent/0* active idle 1 10.67.167.250 ready - using jenkins from relation jenkins/0* active idle 0 10.67.167.5 8080/tcp,48484/tcp Jenkins is running Machine State Address Inst id Series AZ Message 0 started 10.67.167.5 juju-a82ec3-0 focal Running 1 started 10.67.167.250 juju-a82ec3-1 focal Running Relation provider Requirer Interface Type Message jenkins-agent:slave jenkins:master jenkins-slave regular $ juju actions jenkins Action Description cancel-quiet-down Cancel quiet mode. get-admin-credentials Retrieve the admin credentials, including the password which may have been auto-generated. install-dependencies Install Jenkins dependencies for the specified Jenkins version (or the currently installed/ anticipated to be installed version if the Jenkins version is not specified). Primarily useful during integration tests. quiet-down Put Jenkins in a Quiet mode. In that mode Jenkins doesn’t start any build. restart Wait for all jobs to be completed and restart jenkins. update-plugins Install available updates for plugins and safe-restart jenkins. No-op if there aren't updates available. upgrade Upgrade jenkins package when using bundle. $ juju actions jenkins-agent No actions defined for jenkins-agent. $ juju run-action jenkins/0 get-admin-credentials --wait unit-jenkins-0: UnitId: jenkins/0 id: "2" results: password: 98ac66655ea16e1 username: admin status: completed timing: completed: 2023-07-23 11:53:58 +0000 UTC enqueued: 2023-07-23 11:53:55 +0000 UTC started: 2023-07-23 11:53:57 +0000 UTC ``` # 使用 Reverse SSH Tunnel 技巧 ## Jenkins 前端介面 ``` $ ssh -N -L 9527:10.67.167.5:8080 <remote-juju-host-above> ``` https://localhost:9527 ## juju 儀錶板 ``` $ juju dashboard Dashboard 0.8.1 for controller "overlord" is enabled at: https://10.67.167.5:17070/dashboard Your login credential is: username: admin password: 86f650892c26180a6bf2a116fb7df486 ``` ``` $ ssh -N -L 10070:10.67.167.5:17070 <remote-juju-host-above> ``` https://localhost:10070/dashboard