juju gui #0

Supports: trusty
Add to new model


Web GUI for Juju

Juju GUI Charm

This charm makes it easy to deploy a Juju GUI into an existing environment.

Supported Browsers

The Juju GUI supports recent releases of the Chrome, Chromium, Firefox, Safari and Internet Explorer web browsers.

Demo and Staging Servers

The Juju GUI runs the Juju Charm Store on jujucharms.com. From there, you can browse charms, try the GUI, and build an example environment to export for use elsewhere.

A staging server is also available, running the latest and greatest version.

Deploying the Juju GUI using Juju Quickstart

Juju Quickstart is an opinionated command-line tool that quickly starts Juju and the GUI, whether you've never installed Juju or you have an existing Juju environment running.

For installation on precise and saucy, you'll need to enable the Juju PPA by first executing:

sudo add-apt-repository ppa:juju/stable
sudo apt-get update
sudo apt-get install juju-quickstart

For trusty the PPA is not required and you simply need to install it with:

sudo apt-get install juju-quickstart

At this point, just running juju-quickstart will deploy the Juju GUI. When possible, Quickstart conserves resources by installing the GUI on the bootstrap node. This colocation is not possible when using a local (LXC) environment.

Quickstart ends by opening the browser and automatically logging the user into the GUI, to observe and manage the environment visually. By default, the deployment uses self-signed certificates. The browser will ask you to accept a security exception once.

Deploying the Juju GUI the traditional way

Deploying the Juju GUI can be accomplished using Juju itself.

You need a configured and bootstrapped Juju environment: see the Juju docs about getting started, and then run the usual bootstrap command.

juju bootstrap

Next, you simply need to deploy the charm and expose it.

juju deploy juju-gui
juju expose juju-gui

The instructions above cause you to use a separate machine to work with the GUI. If you'd like to reduce your machine footprint (and perhaps your costs), you can colocate the GUI with the Juju bootstrap node, e.g.:

juju deploy juju-gui --to 0

Finally, you need to identify the GUI's URL. It can take a few minutes for the GUI to be built and to start; this command will let you see when it is ready to go by giving you regular status updates:

watch juju status

Eventually, at the end of the status you will see something that looks like this:

    charm: cs:trusty/juju-gui-42
    exposed: true
    relations: {}
        agent-state: started
        machine: 1
        - 80/tcp
        - 443/tcp
        public-address: ec2-www-xxx-yyy-zzz.compute-1.amazonaws.com

That means you can go to the public-address in my browser via HTTPS (https://ec2-www-xxx-yyy-zzz.compute-1.amazonaws.com/ in this example), and start configuring the rest of Juju with the GUI. You should see a similar web address. Accessing the GUI via HTTP will redirect to using HTTPS.

By default, the deployment uses self-signed certificates. The browser will ask you to accept a security exception once.

You will see a login form with the username fixed to "user-admin". The password is the same as your Juju environment's admin-secret. The login screen includes hints about where to find the environment's password.

Deploying behind a firewall

When using the default options the charm uses the network connection only for installing Deb packages from the default Ubuntu repositories. For this reason the charm can be deployed behind a firewall in the usual way:

juju deploy juju-gui

There are situations and customizations in which the charm needs to connect to the Internet:

  • juju-gui-source is set to a configuration that requires accessing an external source in order to fetch a release tarball or a Git checkout in order to build the source used by the charm.
  • builtin-server is set to false: in this case the charm adds an external Launchpad PPA to install the legacy server dependencies.

If, for any reason, you need to use the legacy server, it is still possible to deploy behind a firewall configuring the charm to pull the GUI release from a location you specify.

The config variable juju-gui-source allows a url: prefix which understands both http:// and file:// protocols. We will use this to load a local copy of the GUI source.

  1. Download the latest release of the Juju GUI Source from the Launchpad downloads page and save it to a location that will be accessible to the unit either via filesystem or HTTP.
  2. Set the config variable to that location using a command such as

    juju set juju-gui juju-gui-source=url:...

    where the ellipsis after the url: is your http:// or file:// URI. This may also be done during the deploy step using --config.

  3. If you had already tried to deploy the GUI and received an install error due to not being able to retrieve the source, you may also need to retry the unit with the following command (using the unit the GUI is deployed on):

    juju resolved --retry juju-gui/0

Upgrading the charm behind a firewall

When a new version of Juju GUI is released, the charm is updated to include the new release in the local releases repository. Assuming the new version is 1.0.1, after upgrading the charm, it is possible to also upgrade to the newer Juju GUI release by running the following:

juju set juju-gui-source=1.0.1

In this case the new version will be found in the local repository and therefore the charm will not attempt to connect to Launchpad.

The Juju GUI server

While the Juju GUI itself is a client-side JavaScript application, the charm installation also involves configuring and starting a GUI server, which is required to serve the application files and to enable some advanced features, so that using the GUI results in a seamless and powerful experience.

Builtin server

By default, a builtin server is installed and started by the charm. The builtin server is already included in the charm. For this reason, it does not require any external dependencies. The builtin server provides the following functionalities:

  1. It serves the Juju GUI static files, including support for ETags and basic server side URL routing.
  2. It supports running the GUI over TLS (HTTPS) or in insecure mode (HTTP).
  3. It redirects secure WebSocket connections established by the browser to the real Juju API endpoint. This way the GUI can connect the WebSocket to the host and port where it is currently running, so that the already accepted self signed certificate is reused and the connection succeeds.
  4. It supports running the Juju GUI browser tests if the charm is configured accordingly.
  5. It exposes an API for bundles deployment. This way bundles can be deployed very easily using the GUI, by selecting a bundle from the GUI browser or just dragging and dropping a bundle YAML file to the GUI canvas.
  6. It allows for logging in into the GUI via a timed token. This is used, for instance, by Juju Quickstart to allow automatic user's authentication.
  7. It supports deploying local charms by proxying browser HTTPS connections to the Juju HTTPS API backend. This also includes retrieving and listing local charms' files.

Legacy server

By switching the charm option builtin-server to false, the charm configures and start the legacy server in place of the builtin one. This configuration requires retrieving HAProxy from an external PPA and uses HAProxy and Apache to serve the Juju GUI.

Using the builtin server is the encouraged configuration, but if you decide to stick with the legacy server, be warned about the following limitations:

  • The legacy server is no longer supported/tested starting from trusty. Use it only if the charm is deployed on a precise machine.
  • The legacy server only provides features 1-4 from the list above. This means bundle deployments, timed authentication tokens and local charms are not available when using the legacy configuration.

Contacting the Developers

If you run into problems with the charm, please feel free to contact us on the Juju mailing list, or on Freenode's IRC network on #juju. We're not always around (working hours in Europe and North America are your best bets), but if you send us a mail or ping "jujugui" we will eventually get back to you.

If you want to help develop the charm, please see the charm's HACKING.md.


(boolean) Enable the built-in server, disabling both haproxy and Apache. This is a temporary option: the built-in server will be the only server in the future. Note that legacy server is no longer supported/tested starting from trusty. Switch this option to false only if the charm is deployed on a precise machine.
(string) Set the GUI server log level. Possible values are debug, info, warning and error. The log file is placed in /var/log/upstart/guiserver.log. This option is ignored if builtin-server is set to false.
(boolean) Configure the GUI to use locally cached fonts, rather than the Google CDN as supplied by the Google fonts API. The CDN is faster in almost every circumstance except local (LXC) environments, and so it is the default; but if a browser is running the GUI on a closed network, using cached fonts will let the GUI load much faster and render properly.
(string) The URL of the charm catalog site ("charmworld") from which charm catalog data will be drawn.
(string) The log file where stdout and stderr should be sent for all commands that are run by charm hooks.
(string) The Google Analytics key to use. Set to blank to disable analytics. The team developing the Juju GUI benefits from understanding how different deployments use the tool. By keeping the default key value, anonymized usage data is reported back using Google Analytics. The type of data collected includes the charms that are deployed and the number of units per service. Use of analytics is optional but we hope you will allow us to improve our tool based on your experience.
(boolean) Whether or not the console should be enabled for the browser.
(boolean) Run Juju GUI in debug mode, serving the uncompressed GUI source files.
(string) Where to install Juju GUI from. Possible values the following. - 'local' (default): The latest local release will be deployed. Releases are stored in the releases directory of this charm. - 'stable': The latest release from the "stable" series will be deployed. - 'develop': The latest, in development, version from the Git repository. - a specific release version (e.g '0.1.0' or '0.1.0+build.1'): The specified stable version will be deployed. A suitable release is looked up in the local releases repository (see the "local" choice above). If not found locally, the release will be downloaded from Launchpad. - a Git branch (e.g. 'https://github.com/juju/juju-gui.git' or 'https://github.com/mitechie/juju-gui.git updated-test-runner'): A release will be created and deployed from the specified Git repository. You can include a branch name or a specific commit SHA after the url to the Git repository to deploy that specific commit point. You may instead specify a commit SHA: (e.g. 'https://github.com/mitechie/juju-gui.git @de5e61bf9fa') which will clone the git repository and then check out the specified commit before building the release. - a URL: The release found at the given URL (ex: http://...) will be deployed.
(string) The help text shown to the user on the login screen. If not provided, a default message is used, suggesting how to find the login credentials.
(string) Used by the nrpe-external-master subordinate charm. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-myservice-0 If you are running multiple environments with the same services in them this allows you to differentiate between them.
(string) If given, the password to use for the environment to immediately connect. Do not set unless you understand and accept the risks.
(boolean) Whether or not the GUI is in read-only mode. Note that read-only mode is advisory, and enforced only in the client. If someone can access the websocket and has the password, they can send commands over the websocket to mutate the environment.
(string) The charm depends on several software packages that are not packaged in Ubuntu. In order to ensure that only versions known to work with our charm are used, there is a single PPA where all packages are kept. The juju-gui-charmers team supports 'stable' and 'devel' versions. Only stable should be used for production. For enterprise deployments that do not allow access to resources outside of their control, the location can be any specification as long as it is recognizable by 'add-apt-repository'.
(boolean) Run using an in-memory sandbox rather than a real Juju backend. Sandbox is a client side construct running entirely in the client. Sandbox does not currently support imported environment simulation.
(boolean) Set to false to serve the GUI over an insecure HTTP connection. Do not set unless you understand and accept the risks.
(boolean) Whether or not the GUI unit tests are exposed. If this option is enabled, unit tests can be run in the browser by visiting the URL "https://[Juju GUI address]/test/".
(boolean) There are deployment modes for Juju GUI which are not intended as regular use mode. In these cases, login/logout are disabled and instead there is a link to juju.ubuntu.com
(string) The contents of the certificate file to be used in SSL connections to the GUI. Both ssl-cert-contents and ssl-key-contents must be provided. If not, cetificates will be automatically generated.
(string) The path to the directory where the SSL certificates are stored.
(string) The contents of the private key file to be used in SSL connections to the GUI. Both ssl-cert-contents and ssl-key-contents must be provided. If not, cetificates will be automatically generated.