Setting up LXD Cluster as a Juju Cloud
These instructions represent a “shortest path” to setting up a LXD cluster on MAAS nodes, adding the cluster to Juju as a new cloud, and setting up Juju credentials to access it. The following uses the juju
--edge snap, install it with:
$ sudo snap install juju --edge --classic
For a very good introduction on how to setup a LXD cluster; Stéphane Graber from the LXD team has a youtube video Setting up a 3 nodes cluster that is well worth a watch.
The following assumes that you have ssh access to MAAS nodes in order to set up LXD.
It is recommended that you read information on securing your environment for production use.
- Before provisioning the MAAS nodes that will be cluster members, ensure that the physical network device to be used is bridged, and configured to get an automatically assigned IP from the 10.0.0.0/24 subnet.
- Provision the node with Bionic (LXD 3.x installed by default, supporting clustering).
LXD First Node
For simplicity, we use a trust password to add new nodes to the cluster and to add add Juju credential certificates.
SSH to the machine, run “lxd init” and answer as shown below.
$ lxd init Would you like to use LXD clustering? (yes/no) [default=no]: yes What name should be used to identify this node in the cluster? [default=xxx]: What IP address or DNS name should be used to reach this node? [default=10.0.0.x]: Are you joining an existing cluster? (yes/no) [default=no]: Setup password authentication on the cluster? (yes/no) [default=yes]: Trust password for new clients: Again: Do you want to configure a new local storage pool? (yes/no) [default=yes]: Name of the storage backend to use (btrfs, dir, lvm) [default=btrfs]: Create a new BTRFS pool? (yes/no) [default=yes]: Would you like to use an existing block device? (yes/no) [default=no]: Size in GB of the new loop device (1GB minimum) [default=21GB]: Do you want to configure a new remote storage pool? (yes/no) [default=no]: Would you like to connect to a MAAS server? (yes/no) [default=no]: Would you like to configure LXD to use an existing bridge or host interface? (yes/no) [default=no]: yes Name of the existing bridge or host interface: $MAAS_BRIDGE_NAME Would you like stale cached images to be updated automatically? (yes/no) [default=yes] Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]:
LXD Remaining Cluster Nodes
For each machine to be added to the cluster, run “lxd init”, but this time opt to join the existing cluster.
$ lxd init Would you like to use LXD clustering? (yes/no) [default=no]: yes What name should be used to identify this node in the cluster? [default=xxx]: What IP address or DNS name should be used to reach this node? [default=10.0.0.x]: Are you joining an existing cluster? (yes/no) [default=no]: yes IP address or FQDN of an existing cluster node: 10.0.0.x Cluster fingerprint: 68e985c3e1d840ee6d2ecca72ae033356450ebdd4e297e07a42a9b6c48255128 You can validate this fingerpring by running "lxc info" locally on an existing node. Is this the correct fingerprint? (yes/no) [default=no]: yes Cluster trust password: …
Setup Juju Cloud and Credentials
Adding the Cluster as a Juju Cloud
Save the following cloud definition to a file, replacing the endpoint. The scheme and the port for the endpoint is optional. Juju will prefix the endpoint with the HTTPS scheme and suffix with port 8443, by default if either don’t exist.
clouds: lxd-remote: type: lxd auth-types: [interactive, certificate] endpoint: $URL_TO_REMOTE_LXD
Add the cloud to Juju by sourcing the data in the file.
$ juju add-cloud lxd-remote $PATH_TO_CLOUDS_YAML
Adding Credentials for the Cloud
Save the following credential cloud file, replacing with the trust password accordingly.
credentials: lxd-remote: admin: auth-type: interactive trust-password: $TRUST_PASSWORD
Add the credentials in the file to Juju.
$ juju add-credential lxd-remote -f $PATH_TO_CREDENTIALS_YAML
Bootstrap to the New Cloud
$ juju bootstrap lxd-remote