@gnuoy
Created October 23, 2016 05:45
# https://asciinema.org/a/0wqvhrpshmvz2vcg46bvvtbul
# /home/liam/asciinema/keystone-demo.json
########################
# 0) Setup and Bootstrap
########################
# If you haven't already done so, add the AWS credentials to Juju
juju add-credential aws
Enter credential name: aws-tmp
Using auth-type "access-key".
Enter access-key: JDYTWBVZODFNSGZKFMYN
Enter secret-key:
Credentials added for cloud aws.
# Juju needs a controller which orchestrates the management of the applications
juju bootstrap aws/eu-west-1
#############################
# 1) Create and Deploy bundle
#############################
# The applications could be deployed by issuing individual juju commands, but
# writing a bundle allows multiple applications and config to be deployed with
# a single command in an easily repeatable way.
# The command below creates the bundle for keystone, percona and a blank
# unit which can be used as a client
cat <<EOF > keystone-bundle.yaml
series: xenial
services:
  ubuntu:
    charm: cs:xenial/ubuntu
    num_units: 1
  mysql:
    charm: cs:trusty/percona-cluster
    num_units: 1
    options:
      dataset-size: 50%
      root-password: changeme
      sst-password: changeme
  keystone:
    charm: cs:xenial/keystone
    num_units: 1
    options:
      admin-password: openstack
      admin-token: ubuntutesting
relations:
  - [ keystone, mysql ]
EOF
juju deploy keystone-bundle.yaml
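# Added example (not part of the original gist): the same bundle generated with
# a fresh random value for each password and token option instead of the fixed
# demo strings. gen_secret, write_bundle and the 32-character length are
# assumptions made for this example.

```shell
# Added example: build keystone-bundle.yaml with random secrets.
# gen_secret and write_bundle are hypothetical helper names (not juju commands);
# the 32-character length is an assumption.

# Print an N-character alphanumeric secret read from /dev/urandom.
gen_secret() {
    local len="${1:-32}" out=""
    # Keep reading until enough characters survive the filter.
    while [ "${#out}" -lt "$len" ]; do
        out="${out}$(head -c 256 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9')"
    done
    printf '%s\n' "$out" | cut -c "1-${len}"
}

# Write the bundle to $1 with mode 0600 and a distinct secret per option.
write_bundle() {
    local path="$1" root_pw sst_pw admin_pw admin_token
    root_pw="$(gen_secret 32)"; sst_pw="$(gen_secret 32)"
    admin_pw="$(gen_secret 32)"; admin_token="$(gen_secret 32)"
    # Subshell so the tightened umask does not leak into the caller.
    (
        umask 077
        cat > "$path" <<EOF
series: xenial
services:
  ubuntu:
    charm: cs:xenial/ubuntu
    num_units: 1
  mysql:
    charm: cs:trusty/percona-cluster
    num_units: 1
    options:
      dataset-size: 50%
      root-password: "${root_pw}"
      sst-password: "${sst_pw}"
  keystone:
    charm: cs:xenial/keystone
    num_units: 1
    options:
      admin-password: "${admin_pw}"
      admin-token: "${admin_token}"
relations:
  - [ keystone, mysql ]
EOF
        chmod 600 "$path"
    )
}

# Usage: write_bundle keystone-bundle.yaml && juju deploy keystone-bundle.yaml
```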
# A summary status of the deployment can be seen with the status command.
# Take a note of the keystone IP address for use later.
juju status
# Or to see the logs from the units being deployed.
juju debug-log
# Expose the instance of keystone to add ingress rules for connecting to the
# API service
juju expose keystone
##########################
# 2) Setup Keystone client
##########################
# Once the deployment is complete, connect to the unit which is going to act as
# the client, install keystoneclient, create a novarc for authenticating
# with keystone and query keystone.
juju ssh ubuntu/0
sudo apt install --yes python3-keystoneclient
export KEYSTONE_IP=<INSERT KEYSTONE IP HERE>
cat <<EOF > ~/novarc
export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_TENANT_NAME=admin
export OS_REGION_NAME=RegionOne
export OS_AUTH_URL=http://${KEYSTONE_IP}:5000/v2.0
EOF
source ~/novarc
keystone catalog
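# Added example (not part of the original gist): writing the novarc with mode
# 0600, with the password taken from the environment rather than typed into the
# file, and with the keystone IP validated first. valid_ipv4 and write_novarc
# are hypothetical helper names introduced here.

```shell
# Added example: write a novarc with mode 0600 and no literal password.
# valid_ipv4 and write_novarc are hypothetical helper names.

# Accept only a dotted-quad IPv4 address, so the unfilled placeholder or
# shell metacharacters never reach OS_AUTH_URL.
valid_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    local IFS=. octet
    for octet in $1; do
        [ "$octet" -le 255 ] || return 1
    done
}

# write_novarc <path> <keystone-ip>; the password comes from $OS_PASSWORD.
write_novarc() {
    local path="$1" ip="$2" esc
    valid_ipv4 "$ip" || { echo "invalid keystone IP: $ip" >&2; return 1; }
    [ -n "${OS_PASSWORD:-}" ] || { echo "OS_PASSWORD is not set" >&2; return 1; }
    # Escape single quotes so any password survives being sourced later.
    esc="$(printf '%s' "$OS_PASSWORD" | sed "s/'/'\\\\''/g")"
    # Subshell so the tightened umask does not leak into the caller.
    (
        umask 077
        cat > "$path" <<EOF
export OS_USERNAME=admin
export OS_PASSWORD='${esc}'
export OS_TENANT_NAME=admin
export OS_REGION_NAME=RegionOne
export OS_AUTH_URL=http://${ip}:5000/v2.0
EOF
        chmod 600 "$path"
    )
}

# Usage (bash): read -rs OS_PASSWORD; write_novarc ~/novarc "$KEYSTONE_IP"
```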
#####################
# 3) Debugging a hook
#####################
# The charms expose config options that can be set at deployment time or, in
# most cases, set after deployment. Setting a config value causes the charm's
# config-changed hook to fire. This hook event can be intercepted, which is
# useful for debugging any issues.
# In one session run this command to create the debug hooks session:
juju debug-hooks keystone/0
# Then, in another session change a config option
juju config keystone debug=True
# Go back to the session from which 'debug-hooks' was run and the title at the
# bottom of the screen should have switched to
# '16.04 0:bash- # 1:config-changed*'
# In a debug-hooks session the low-level commands that the charm uses are
# available.
# To see the config the user has set along with defaults:
config-get
# To see what data the percona application has sent:
relation-ids shared-db
shared-db:2
relation-list -r shared-db:2
mysql/0
relation-get -r shared-db:2 - mysql/0
allowed_units: keystone/0
db_host: 172.31.22.125
password: LCfKfxjgH7WNThNSSHBRM8cFZBCh9GrF
private-address: 172.31.22.125
# The hook has not fired yet so the 'debug' option in keystone should still be
# set to 'false'
grep debug /etc/keystone/keystone.conf
debug = False
# Now manually run the config-changed hook
./hooks/config-changed
# The keystone.conf will have been updated and the Apache mod_wsgi service
# reloaded
grep debug /etc/keystone/keystone.conf
debug = True
# Now exit the debug-hooks session. You may have to type exit multiple times
# until you are back on your laptop, as other hook events may have been queued.
################################
# 4) Upgrading OpenStack Version
################################
# The deployment of keystone did not pull packages from the Cloud Archive, so
# the default OpenStack release for Xenial, which is Mitaka, was installed.
# The version of keystone deployed is exposed through juju status
juju status keystone
...
App       Version  Status  Scale  Charm     Store       Rev  OS      Notes
keystone  9.2.0    active  1      keystone  jujucharms  258  ubuntu  exposed
...
# The Keystone charm exposes an openstack-origin option which can be pointed at
# a cloud archive PPA to trigger an upgrade.
juju config keystone openstack-origin
distro
juju config keystone openstack-origin='cloud:xenial-newton'
# The charm takes a few minutes to perform the upgrade. Then the status
# reflects the upgraded version of keystone:
juju status keystone
...
App       Version  Status  Scale  Charm     Store       Rev  OS      Notes
keystone  10.0.0   active  1      keystone  jujucharms  258  ubuntu  exposed
...
################
# 5) Scaling Out
################
# Currently there is only one keystone unit. To share the workload out, more
# units can be added.
juju add-unit keystone -n2
# Juju status will now confirm there are three keystone units
juju status keystone
# The keystone URL used by the client points at a single keystone unit, but the
# keystone API service is actually behind haproxy, meaning the traffic is load
# balanced across all three nodes
juju ssh keystone/0
cat /etc/haproxy/haproxy.cfg
# This does not give HA: if the unit that the client's OS_AUTH_URL points at
# failed, the client would have to update OS_AUTH_URL. The charms support
# assigning a VIP and use corosync and pacemaker to float the VIP across the
# units of the application. See the charm guide for more details.
###############
# 6) Tidying up
###############
# SKIP THIS SECTION IF GOING ON TO THE CHARM AUTHOR TUTORIAL
# To show the name of the model
juju switch
# To remove the model and the machines
juju destroy-model default
# To show name of controller
juju list-controllers
# Remove the controller
# juju destroy-controller aws-eu-west-1