landscape server #31

Supports: bionic xenial trusty
Add to new model

Description

A multi server Landscape Dedicated Server charm.


Overview

The Landscape systems management tool helps you monitor, manage and update your entire Ubuntu infrastructure from a single interface. Part of Canonical's Ubuntu Advantage support service, Landscape brings you intuitive systems management tools combined with world-class support.

This charm will deploy Landscape On Premises, and needs to be connected to other charms to be fully functional. Example deployments are given below.

For more information about Landscape, go to http://www.ubuntu.com/management

Standard Usage

The typical deployment of Landscape happens using a Juju bundle. This charm is not useful without a deployed bundle of services.

Please use one of the following bundle types depending on your needs:

For the landscape-scalable case:

$ juju deploy landscape-scalable

Customised Deployments

The standard deployment of Landscape will give you the latest released code. If you want a different version, different options, etc, you will need to download one of the bundles, and add/change options in the file before supplying it to juju.

On the bundle page, download the bundle.yaml file.

Configuration

Landscape is a commercial product and as such it needs configuration of a license and password protected repository before deployment. Please login to your "hosted account" (on landscape.canonical.com) to gather these details after purchasing seats for Landscape On Premises. All information is found by following a link on the left side of the page called "access the Landscape On Premises archive"

license-file

You can set this as a juju configuration option after deployment on each deployed landscape-service like:

$ juju set <landscape-service> "license-file=$(cat license-file)"

SSL

The pre-packaged bundles will ask the HAProxy charm to generate a self signed certificate. While useful for testing, this must not be used for production deployments.

For production deployments, you should include a "real" SSL certificate key pair that has been signed by a CA that your clients trust in the haproxy service configuration (or in the landscape-server service configuration if you need to use your haproxy service for other services too with different certificates).

Unit Testing

The Landscape charm is fairly well unit tested and new code changes should be submitted with unit tests. You can run them like this:

$ make test

Integration Testing

This charm makes use of juju-deployer and the charm-tools package to enable end-to-end integration testing. This is how you proceed with running them:

$ juju bootstrap localhost
$ make integration-test

Or if you want to use the packages from the lds-trunk PPA:

$ JUJU_MODEL=<model> make integration-test-trunk

The JUJU_MODEL environment variable can be omitted if you want to use the current model.


Configuration

install_keys
(string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.\n"
install_sources
(string) List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
['ppa:landscape/19.01']
key
(string) *DEPRECATED*. See install_keys Key ID to import to the apt keyring to support use with arbitary source configuration from outside of Launchpad archives or PPA's. In case multiple repositories are specified in the 'source' config key, this should be a comma-separated list of key IDs, one for each repository and in the same order. If a repository needs no key ID, the special keyword 'null' should be passed. Note that if 'source' (or one of its entries) is set to point ot a Launchpad PPA, there's no need to specify a key, since it gets automatically and securely fetched from Launchpad itself.
license-file
(string) License file for LDS, either as a base64-encoded string containing the actual license file data, or a file://, http:// or https:// URL pointing to the license file for download.
openid-logout-url
(string) OpenID provider URL to use to log out of Landscape.
openid-provider-url
(string) OpenID provider URL to use for authentication to Landscape.
root-url
(string) The root URL for this landscape deployment. If left blank the public IP of the first related HAproxy unit will be used instead.
smtp-relay-host
(string) The SMTP server to use to deliver outgoing mail.
source
(string) *DEPRECATED*. See install_sources The source from which to install the landscape packages. Possible values are: - A version number: "16.06" - A PPA URL: "ppa:landscape/16.06" - A full deb line: "deb http://ppa.launchpad.net/landscape/16.06/ubuntu xenial main" - A comma-separated list of the previous values, e.g. "16.06, ppa:juju/devel" (NOTE: using multiple repositories is meant for testing only, and not supported for production deployments, that should always just point to a single official Landscape PPA or a mirror of it).
ssl-cert
(string) base64 encoded SSL certificate to use for the Landscape server. It will be passed verbatim to the haproxy charm. If not set, a self-signed certificated will be used instead.
ssl-key
(string) base64 encoded private key for the default SSL certificate. If ssl_cert is not set, this will be ignored.
worker-counts
(int) Number of processes to spawn for message-server and ping-server. If set to 0, the charm will automatically pick a value trying to maximize the use of the compute/memory resources available on the unit.
2