Manual provisioning - feedback wanted

David Cheney david.cheney at
Mon Sep 9 01:57:47 UTC 2013

> As of 1.13.3 you can now do this:
>     juju add-machine ssh:[user@]host

* Does this user have to be root ? If the user has to be root, do we
have to get into the business of telling people how to adjust their
/etc/ssh/sshd to allow root login ?
* What happens if I do, juju add-machine ssh:localhost ? I can't
imagine anything good will come from that. Should there be a provision
to prohibit this ?
* What happens if the machine you are ssh'ing to is via a jump/bastian
host, the target won't be able to communate with the outside world or
bootstrap node, right ? That sounds like a huge support timesuck.

> Here's a few things to bear in mind:
>  - Currently you do need to have an existing, bootstrapped environment. Work
> on improving this situation is underway

So it will be possible to say, juju bootstrap -e $SOMETHING ssh:somehost ?

>  - The machine you're provisioning must be able to route to machine 0 (for
> the state/API), and storage (to get tools, etc.)

re timesuck, see above.

>  - There is no change in supported operating systems; the machine being
> provisioned must be running Ubuntu 12.04+

Is this enforced in code ?

>  - Multiple invocations of ssh will be made, and sudo is used on the remote
> host to install the machine agent. To reduce noisy prompts, you should use
> public key authentication. To completely eliminate prompting, you'll also
> need to enable passwordless sudo on the target host.

Can we automate this with a file in /etc/sudoers.d ?

> Cheers,
> Andrew
> --
> Juju mailing list
> Juju at
> Modify settings or unsubscribe at:

More information about the Juju mailing list