juju system ssh keys - revisiting
Tim Penhey
tim.penhey at canonical.com
Wed Dec 18 04:50:34 UTC 2013
On 17/12/13 19:33, John Arbash Meinel wrote:
> On 2013-12-17 10:20, John Arbash Meinel wrote:
>> ...
>>> This hints to me that Juju run is improperly designed. We already
>>> have a way to inform all machines that we have work for them
>>> to do. Which *doesn't* require us to ssh into them (the hook
>>> triggers).
>
>>> Just create a "run" hook that fires a custom script when there
>>> is data to be run. Why would we SSH into those machines
>>> directly?
>
>
>>>> I believe the rationale was so that juju-run can target
>>>> machines as well as units. To target a machine without any
>>>> units deployed would mean hooks are out of the question.
>
>
>> Then just run a hook context runner in the Machine agent. Still
>> *much* better than actually needing to SSH into every machine
>> and violating the model of every-other-way we run stuff on
>> machines in the environment.
>
>> John =:->
>
> I'm sorry if I'm coming off as overly negative. I don't mean to
> sound that way. I was surprised that 'juju-run' needed to be an
> always-on service that didn't act like all of our other always-on
> services that respond to DB changes. It violates the concept that
> we could have a user request things be run on the systems, without
> having direct SSH access. (SSH access implies that you can run
> whatever you want without auditing, while juju-run would certainly
> create an audit log, and could be RBACed to run specific commands,
> etc.)
A key difference between "juju run" and the rest of the system is that
there is no "state" to refer to. "juju run" isn't about having a
system world view and having the agents make that happen.
"juju run" is really syntactic sugar around "juju ssh" and the server
component "juju-run" that does the execution inside a hook context.
I understand that this is different, but a key thing was also to
provide this facility to the UI, which is why it isn't just done
purely client side.
Tim