applications can be consumed from another model to expose that application in the user's model; both models must be in the same controller
the feature flag"cross-model" must be enabled
Offers are created in a flat namespace relative to their host model. The path to an offer is:
[<controller>:]<user>/<model>.<offer-name>
Models are namespaced to the user who owns the model.
Scope
Initially, networking concerns are out of scope. Where an application to be offered is deployed on a machine with a public IP address, the public address will be advertised as that to which a consuming application may connect. However, for future releases, if we can determine that traffic between offer and consuming application is routable to the cloud local address, the use of a public address can be avoided. Typically, to use the cloud local address, we will enforce that each model will have the same:
region
tenant/credentials
any cloud specific network concerns such as vpc id
NB: the current experimental release always uses the public address.
The Hello World Case
A user(fred) deploys a charm they want to share:
$ juju add-model prod
$ juju deploy mysql
An offer is created:
$ juju offer mysql:db hosted-mysql
application"mysql" endpoints[db] available at"admin/prod.hosted-mysql"
the model needs to be qualified by username if it is someone else's model, otherwise the <user> component of the model path is optional.
Consume an Application
A user may wish to consume an application offer without relating to it. In this case the application appears in status and its lifecycle(alive, dead etc) is monitored. The remote application will also appear on the GUI canvas[1]. The same URL argument as used for relate is required.
$ juju consume mary/prod.hosted-mysql
added application"hosted-mysql" from model mary/prod
added application"hosted-mysql" as"local-mysql" from model mary/prod
The consume step is optional. juju relate can be used directly without first consuming.
[1] The GUI does not yet support displaying cross model applications.
Access Control- Permissions
Permissions are required to allow a user to relate to an application in another model for cases where the user is not the same one who created the offer.
Permissions are attached to each offer. The relevant permissions are:
read: a user can see the offer exists and its details
Single Controller
Scope
The Hello World Case
Consume an Application
Access Control - Permissions