As of version
2.9.8, Juju includes support for the Equinix Metal cloud, which means adding your Equinix Metal account to Juju is quick and easy.
More specific information on Juju’s Equinix Metal support (e.g. the supported regions) can be seen locally or, since version
2.9.0, remotely (on a live cloud). Here, we’ll show how to do it locally (client cache):
juju show-cloud --local equinix
In versions prior to
show-cloud command only operates locally (there is no
To ensure that Juju’s information is up to date (e.g. new region support), you can update Juju’s public cloud data by running:
The Cloud credentials page offers a full treatment of credential management.
Using Juju’s interactive authentication, importing Equinix Metal credentials into Juju is a simple process. The only information you’ll need is your Equinix Metal API Key and Project ID:
api-tokenThe API Key used for access to the Equinix Metal API. You can create a new Personal API Key at https://console.equinix.com/users/me/api-keys.
project-idThe Equinix Metal project identifier. You can view this in the Equinix Metal console on the Project Settings tab, as shown in the following image:
Credentials can now be added by running the following command:
juju add-credential equinix
The first question will ask for an arbitrary credential name, which you choose for yourself. This will be how you remember and refer to this Equinix Metal credential in Juju. The second question will ask you to select an ‘Auth Type’, with the options being either
access-key as the authentication type and then enter your API Key and Project ID as described above.
You can now start using Juju with your Equinix Metal project.
You are now ready to create a Juju controller for cloud ‘equinix’:
juju bootstrap equinix/am equinix-controller
Above, the name given to the new controller is ‘equinix-controller’. Equinix Metal will provision an instance to run the controller on.
The controller will now be visible in the Equinix Metal console:
For a detailed explanation and examples of the
bootstrap command see the Creating a controller page.
A controller is created with two models - the ‘controller’ model, which should be reserved for Juju’s internal operations, and a model named ‘default’, which can be used for deploying user workloads.
Before deploying workloads to Equinix metal: Due to substrate limitations, the Equinix provider does not implement support for firewalls. As a result, workloads deployed to machines under the same project ID can reach each other even across Juju models. Deployed machines are always assigned both a public and a private IP address. This means that any deployed charms are implicitly exposed and proper access control mechanisms need to be implemented to prevent unauthorized access to the deployed workloads.
See these pages for ideas on what to do next: