> I think that Chuck was looking to have a relation available. In this way you could tunnel traffic from an application across the VPN perhaps? In the world of cross model relations, it might enable folks to wire traffic across clouds/DC in some interesting ways.
This is precisely what I was looking for. One easy example I thought of, is you could say deploy an SDN on the OpenVPN charm, and it would then inherit that SDN topology as an accessible network. This would aid in secure access to applications without requiring an ingress declaration in kubernetes for example. Sort of like an intranet running in the cloud, that's only available if you're participating in the network segment, but also has implications when debugging applications without having ssh access. You connect up to the VPN and start the network debug session. It would be a more robust solution than the current implementation of 'kubectl proxy'. This isn't new, and there's a few early solutions in the kubernetes community that leverage different VPN services. I think the idea of having it available across the board to any Juju deployment makes it slightly more powerful in that it lives on your infra level, not as a workload in the k8s stack. But that's just a preference. Great work on the charm Tengu team :) On Fri, Apr 14, 2017 at 8:56 AM Rick Harding <rick.hard...@canonical.com> wrote: > The delivery of the config files is interesting. There's nothing planning > in the gui at the moment for this. It's kind of an inverse "resources" idea > where you are building artifacts in the charm that you want clients to be > able to get access to. It's an interesting concept. It's a bit like actions > that generate a backup file or the like. The action can build the backup > and tell you where on disk it is, but then you need to juju scp it down. I > wonder if there's a specific action type that generates artifacts and then > there's a followup plugin/helper that automates the juju scp step for you > in a some nice way. > > I think that Chuck was looking to have a relation available. In this way > you could tunnel traffic from an application across the VPN perhaps? In the > world of cross model relations it might enable folks to wire traffic across > clouds/DC in some interesting ways. > > > > On Fri, Apr 14, 2017 at 9:47 AM Merlijn Sebrechts < > merlijn.sebrec...@gmail.com> wrote: > >> Thanks for the post! >> >> >> I'd really like to integrate this Charm more with JaaS. I'd like to give >> JaaS users the ability to download the client config files from the Juju >> GUI. Any idea if that's something that's being worked on? >> >> @chuck: I just watched the Juju show, what was the feature you were >> talking about? >> >> >> >> Kind regards >> Merlijn >> >> 2017-04-13 16:35 GMT+02:00 Rick Harding <rick.hard...@canonical.com>: >> >>> I wrote up a quick blog post [1] as I was tinkering with VPNs and the >>> OpenVPN charm [2] from the Tengu team is really nice and easy. It also does >>> some great work using metrics in Juju to output operational data. Running >>> juju metrics --all will show you how many clients are connected on each >>> unit. If you're a charmer, it might give you some new ideas for exposing >>> internal data in a really nice standard way. >>> >>> I just wanted to highlight it as something really useful for folks if >>> you've ever found yourself wishing you had a VPN around somewhere. >>> >>> 1: >>> http://mitechie.com/blog/2017/4/12/three-reasons-you-need-to-keep-a-vpn-in-your-pocket >>> 2: https://jujucharms.com/openvpn/ >>> >>> Rick >>> >>> -- >>> Juju mailing list >>> Juju@lists.ubuntu.com >>> Modify settings or unsubscribe at: >>> https://lists.ubuntu.com/mailman/listinfo/juju >>> >>> -- Juju Charmer Canonical Group Ltd. Ubuntu - Linux for human beings | www.ubuntu.com conjure-up canonical-kubernetes | jujucharms.com
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju