From 34e0c038400a1d0f96cccbdb1745d38c33caeba4 Mon Sep 17 00:00:00 2001
From: Arif Ali
Date: Mon, 6 Dec 2021 22:42:10 +0000
Subject: [PATCH] Many more changes see description
* Update all relations to be more specific, this helps with --dry-run
* Update constraints, so that its balanced across the 3 systems
* Update overlay to fix versions
* ensure pause_minority for rabbitmq
* Add lxd metadata url
---
config/bundle_bionic.yaml | 210 ++++++++----------
config/bundle_focal.yaml | 186 +++++++---------
config/juju-model-default-cis-bionic.yaml | 89 --------
...focal.yaml => juju-model-default-cis.yaml} | 3 +-
config/juju-model-default.yaml | 12 +-
config/juju_deploy_focal.sh | 4 +-
config/overlays/ldap.yaml | 6 +-
.../openstack_versioned_overlay_focal.yaml | 12 +
8 files changed, 205 insertions(+), 317 deletions(-)
delete mode 100644 config/juju-model-default-cis-bionic.yaml
rename config/{juju-model-default-cis-focal.yaml => juju-model-default-cis.yaml} (98%)
diff --git a/config/bundle_bionic.yaml b/config/bundle_bionic.yaml
index 72378f9..0f18531 100644
--- a/config/bundle_bionic.yaml
+++ b/config/bundle_bionic.yaml
@@ -132,64 +132,45 @@ machines: # Baremetals # Control Nodes "100": - constraints: tags=control + constraints: tags=control,asrock01 "101": - constraints: tags=control + constraints: tags=control,asrock02 "102": - constraints: tags=control + constraints: tags=control,asrock03 # LMA Nodes "200": - constraints: tags=compute + constraints: tags=compute,asrock01 "201": - constraints: tags=compute + constraints: tags=compute,asrock02 "202": - constraints: tags=compute + constraints: tags=compute,asrock03 # Landscape Nodes "300": - constraints: tags=compute + constraints: tags=compute,asrock01 "301": - constraints: tags=compute + constraints: tags=compute,asrock02 "302": - constraints: tags=compute + constraints: tags=compute,asrock03 # Contrail Nodes "400": - constraints: tags=control + constraints: tags=control,asrock01 "401": - constraints: tags=control + constraints: tags=control,asrock02 "402": - constraints: tags=control -# "500": -# constraints: tags=compute -# "501": -# constraints: tags=compute -# "502": -# constraints: tags=compute -# "503": -# constraints: tags=compute -# "504": -# constraints: tags=compute -# "505": -# constraints: tags=compute -# "506": -# constraints: tags=compute -# "507": -# constraints: tags=compute -# "508": -# constraints: tags=compute - + constraints: tags=control,asrock03 # hyper-converged nova/ceph Nodes "1000": - constraints: tags=compute + constraints: tags=compute,asrock01 "1001": - constraints: tags=compute + constraints: tags=compute,asrock02 "1002": - constraints: tags=compute + constraints: tags=compute,asrock03 "1003": - constraints: tags=compute + constraints: tags=compute,asrock01 "1004": - constraints: tags=compute + constraints: tags=compute,asrock02 "1005": - constraints: tags=compute + constraints: tags=compute,asrock03 applications: # HAcluster 
@@ -662,7 +643,7 @@ applications: options: source: *openstack-origin min-cluster-size: 3 - cluster-partition-handling: ignore + cluster-partition-handling: pause_minority num_units: 3 to: - lxd:100 @@ -706,6 +687,7 @@ applications: # LMA stack applications landscape-server: charm: cs:landscape-server + series: bionic bindings: "": *oam-space options: @@ -742,13 +724,14 @@ applications: options: source: *openstack-origin min-cluster-size: 3 - cluster-partition-handling: ignore + cluster-partition-handling: pause_minority to: - lxd:300 - lxd:301 - lxd:302 landscape-postgresql: charm: cs:postgresql + series: bionic bindings: "": *oam-space options: @@ -774,7 +757,6 @@ applications: - lxd:302 graylog: charm: cs:graylog - series: bionic bindings: "": *oam-space num_units: 1 @@ -942,7 +924,6 @@ applications: #url: https://landscape.example.com/message-system prometheus: charm: cs:prometheus2 - series: bionic bindings: "": *oam-space num_units: 1 @@ -960,7 +941,6 @@ applications: - lxd:201 grafana: charm: cs:~prometheus-charmers/grafana - series: bionic bindings: "": *oam-space options: @@ -1089,7 +1069,6 @@ applications: # -----END PGP PUBLIC KEY BLOCK----- prometheus-ceph-exporter: charm: cs:prometheus-ceph-exporter - series: bionic bindings: "": *oam-space ceph: *ceph-public-space 
@@ -1264,15 +1243,15 @@ relations: - [ "neutron-gateway:juju-info", "sysconfig-control:juju-info" ] # Neutron-gateway relations - - [ "neutron-gateway", "nova-cloud-controller" ] + - [ "neutron-gateway:quantum-network-service", "nova-cloud-controller:quantum-network-service" ] - [ "neutron-gateway:amqp", "rabbitmq-server:amqp" ] - [ "neutron-gateway:neutron-plugin-api", "neutron-api:neutron-plugin-api" ] - [ "neutron-gateway:juju-info", "ntp:juju-info" ] # Neutron-openvswitch relations - [ "neutron-openvswitch:amqp" , "rabbitmq-server:amqp" ] - - [ "neutron-openvswitch" , "neutron-api" ] - - [ "neutron-openvswitch" , "nova-compute" ] + - [ "neutron-openvswitch:neutron-plugin-api" , "neutron-api:neutron-plugin-api" ] + - [ "neutron-openvswitch:neutron-plugin" , "nova-compute:neutron-plugin" ] # vault stuff - [ "vault:shared-db", "mysql:shared-db" ] 
@@ -1373,90 +1352,90 @@ relations: - [ "juniper-server:juju-info", "ntp:juju-info" ] # LMA/landscape subordinates - - [ "nova-compute", "filebeat" ] - - [ "nova-compute", "telegraf" ] - - [ "nova-compute", "nrpe-host" ] - - [ "nova-compute", "landscape-client" ] + - [ "nova-compute:juju-info", "filebeat:beats-host" ] + - [ "nova-compute:juju-info", "telegraf:juju-info" ] + - [ "nova-compute:nrpe-external-master", "nrpe-host:nrpe-external-master" ] + - [ "nova-compute:juju-info", "landscape-client:container" ] - - [ "neutron-gateway", "filebeat" ] - - [ "neutron-gateway", "telegraf" ] - - [ "neutron-gateway", "nrpe-host" ] - - [ "neutron-gateway", "landscape-client" ] + - [ "neutron-gateway:juju-info", "filebeat:beats-host" ] + - [ "neutron-gateway:juju-info", "telegraf:juju-info" ] + - [ "neutron-gateway:nrpe-external-master", "nrpe-host:nrpe-external-master" ] + - [ "neutron-gateway:juju-info", "landscape-client:container" ] - - [ "keystone", "filebeat" ] - - [ "keystone", "telegraf" ] - - [ "keystone", "nrpe-container" ] - - [ "keystone", "landscape-client" ] + - [ "keystone:juju-info", "filebeat:beats-host" ] + - [ "keystone:juju-info", "telegraf:juju-info" ] + - [ "keystone:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "keystone:juju-info", "landscape-client:container" ] - - [ "glance", "filebeat" ] - - [ "glance", "telegraf" ] - - [ "glance", "nrpe-container" ] - - [ "glance", "landscape-client" ] + - [ "glance:juju-info", "filebeat:beats-host" ] + - [ "glance:juju-info", "telegraf:juju-info" ] + - [ "glance:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "glance:juju-info", "landscape-client:container" ] - - [ "cinder", "filebeat" ] - - [ "cinder", "telegraf" ] - - [ "cinder", "nrpe-container" ] - - [ "cinder", "landscape-client" ] + - [ "cinder:juju-info", "filebeat:beats-host" ] + - [ "cinder:juju-info", "telegraf:juju-info" ] + - [ "cinder:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ 
"cinder:juju-info", "landscape-client:container" ] -# - [ "cinder2", "filebeat" ] -# - [ "cinder2", "telegraf" ] -# - [ "cinder2", "nrpe-container" ] -# - [ "cinder2", "landscape-client" ] +# - [ "cinder2:juju-info", "filebeat:beats-host" ] +# - [ "cinder2:juju-info", "telegraf:juju-info" ] +# - [ "cinder2:nrpe-external-master", "nrpe-container:nrpe-external-master" ] +# - [ "cinder2:juju-info", "landscape-client:container" ] - - [ "heat", "filebeat" ] - - [ "heat", "telegraf" ] - - [ "heat", "nrpe-container" ] - - [ "heat", "landscape-client" ] + - [ "heat:juju-info", "filebeat:beats-host" ] + - [ "heat:juju-info", "telegraf:juju-info" ] + - [ "heat:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "heat:juju-info", "landscape-client:container" ] - - [ "mysql", "filebeat" ] - - [ "mysql", "telegraf" ] - - [ "mysql", "nrpe-container" ] - - [ "mysql", "landscape-client" ] + - [ "mysql:juju-info", "filebeat:beats-host" ] + - [ "mysql:juju-info", "telegraf:juju-info" ] + - [ "mysql:juju-info", "nrpe-container:general-info" ] + - [ "mysql:juju-info", "landscape-client:container" ] - - [ "ceph-mon", "filebeat" ] - - [ "ceph-mon", "telegraf" ] - - [ "ceph-mon", "nrpe-container" ] - - [ "ceph-mon", "landscape-client" ] + - [ "ceph-mon:juju-info", "filebeat:beats-host" ] + - [ "ceph-mon:juju-info", "telegraf:juju-info" ] + - [ "ceph-mon:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "ceph-mon:juju-info", "landscape-client:container" ] - - [ "neutron-api", "filebeat" ] - - [ "neutron-api", "telegraf" ] - - [ "neutron-api", "nrpe-container" ] - - [ "neutron-api", "landscape-client" ] + - [ "neutron-api:juju-info", "filebeat:beats-host" ] + - [ "neutron-api:juju-info", "telegraf:juju-info" ] + - [ "neutron-api:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "neutron-api:juju-info", "landscape-client:container" ] - - [ "rabbitmq-server", "filebeat" ] - - [ "rabbitmq-server", "telegraf" ] - - [ "rabbitmq-server", 
"nrpe-container" ] - - [ "rabbitmq-server", "landscape-client" ] + - [ "rabbitmq-server:juju-info", "filebeat:beats-host" ] + - [ "rabbitmq-server:juju-info", "telegraf:juju-info" ] + - [ "rabbitmq-server:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "rabbitmq-server:juju-info", "landscape-client:container" ] - - [ "openstack-dashboard", "filebeat" ] - - [ "openstack-dashboard", "telegraf" ] - - [ "openstack-dashboard", "nrpe-container" ] - - [ "openstack-dashboard", "landscape-client" ] + - [ "openstack-dashboard:juju-info", "filebeat:beats-host" ] + - [ "openstack-dashboard:juju-info", "telegraf:juju-info" ] + - [ "openstack-dashboard:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "openstack-dashboard:juju-info", "landscape-client:container" ] - - [ "nova-cloud-controller", "filebeat" ] - - [ "nova-cloud-controller", "telegraf" ] - - [ "nova-cloud-controller", "nrpe-container" ] - - [ "nova-cloud-controller", "landscape-client" ] + - [ "nova-cloud-controller:juju-info", "filebeat:beats-host" ] + - [ "nova-cloud-controller:juju-info", "telegraf:juju-info" ] + - [ "nova-cloud-controller:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "nova-cloud-controller:juju-info", "landscape-client:container" ] - - [ "gnocchi", "filebeat" ] - - [ "gnocchi", "telegraf" ] - - [ "gnocchi", "nrpe-container" ] - - [ "gnocchi", "landscape-client" ] + - [ "gnocchi:juju-info", "filebeat:beats-host" ] + - [ "gnocchi:juju-info", "telegraf:juju-info" ] + - [ "gnocchi:juju-info", "nrpe-container:general-info" ] + - [ "gnocchi:juju-info", "landscape-client:container" ] - - [ "ceilometer", "filebeat" ] - - [ "ceilometer", "telegraf" ] - - [ "ceilometer", "nrpe-container" ] - - [ "ceilometer", "landscape-client" ] + - [ "ceilometer:juju-info", "filebeat:beats-host" ] + - [ "ceilometer:juju-info", "telegraf:juju-info" ] + - [ "ceilometer:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "ceilometer:juju-info", 
"landscape-client:container" ] - - [ "aodh", "filebeat" ] - - [ "aodh", "telegraf" ] - - [ "aodh", "landscape-client" ] - - [ "aodh", "nrpe-container" ] + - [ "aodh:juju-info", "filebeat:beats-host" ] + - [ "aodh:juju-info", "telegraf:juju-info" ] + - [ "aodh:juju-info", "nrpe-container:general-info" ] + - [ "aodh:juju-info", "landscape-client:container" ] - - [ "juniper-server", "telegraf" ] - - [ "juniper-server", "filebeat" ] - - [ "juniper-server", "landscape-client" ] - - [ "juniper-server", "nrpe-host" ] + - [ "juniper-server:juju-info", "filebeat:beats-host" ] + - [ "juniper-server:juju-info", "telegraf:juju-info" ] + - [ "juniper-server:juju-info", "landscape-client:container" ] + - [ "juniper-server:juju-info", "nrpe-host:general-info" ] - [ "hacluster-aodh:nrpe-external-master", "nrpe-container:nrpe-external-master" ] - [ "hacluster-cinder:nrpe-external-master", "nrpe-container:nrpe-external-master" ] @@ -1498,6 +1477,3 @@ relations: - [ "landscape-server:amqp", "landscape-rabbitmq-server:amqp" ] - [ "landscape-server:website", "landscape-haproxy:reverseproxy" ] - [ "landscape-server:db", "landscape-postgresql:db-admin" ] - - - diff --git a/config/bundle_focal.yaml b/config/bundle_focal.yaml index 8da07c0..f970e82 100644 --- a/config/bundle_focal.yaml +++ b/config/bundle_focal.yaml 
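Review bot: In the "LMA/landscape subordinates" hunk of config/bundle_bionic.yaml, `mysql`, `gnocchi`, `aodh` and `juniper-server` are related to NRPE as `juju-info` to `general-info`, while every other application in the block uses `nrpe-external-master` on both sides. The generic endpoint presumably yields host-level checks only, so service-level alerting for these four may be thinner than for the rest; that should be confirmed against the charms. If they simply have no `nrpe-external-master` endpoint, a comment above each such line would record it, e.g. `# charm has no nrpe-external-master endpoint: host checks only`. The same pattern appears in the matching hunk of config/bundle_focal.yaml, where it also covers `placement`.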
@@ -169,38 +169,19 @@ machines: constraints: tags=compute,asrock02 "402": constraints: tags=compute,asrock03 -# "500": -# constraints: tags=compute -# "501": -# constraints: tags=compute -# "502": -# constraints: tags=compute -# "503": -# constraints: tags=compute -# "504": -# constraints: tags=compute -# "505": -# constraints: tags=compute -# "506": -# constraints: tags=compute -# "507": -# constraints: tags=compute -# "508": -# constraints: tags=compute - # hyper-converged nova/ceph Nodes "1000": - constraints: tags=compute + constraints: tags=compute,asrock01 "1001": - constraints: tags=compute + constraints: tags=compute,asrock01 "1002": - constraints: tags=compute + constraints: tags=compute,asrock02 "1003": - constraints: tags=compute + constraints: tags=compute,asrock02 "1004": - constraints: tags=compute + constraints: tags=compute,asrock03 "1005": - constraints: tags=compute + constraints: tags=compute,asrock03 applications: # HAcluster @@ -866,7 +847,7 @@ applications: options: source: *openstack-origin min-cluster-size: 3 - cluster-partition-handling: ignore + cluster-partition-handling: pause_minority to: - lxd:300 - lxd:301 
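Review bot: In config/bundle_focal.yaml only the RabbitMQ application placed on `lxd:300`/`lxd:301` is switched to `cluster-partition-handling: pause_minority`, whereas the bionic bundle changes two RabbitMQ applications in this commit, including the one placed on `lxd:100`. Whether the main `rabbitmq-server` in the focal bundle already carries `pause_minority` is not visible in this patch, so it should be checked; leaving it on `ignore` would keep the split-brain behaviour that the commit message ("ensure pause_minority for rabbitmq") sets out to remove. A comment next to the option would record the reasoning, e.g. `# pause_minority: the minority side pauses on a partition; keep an odd number of units`. The application block starts and ends outside the hunk.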
@@ -1413,15 +1394,15 @@ relations: - [ "controller-server:juju-info", "sysconfig-control:juju-info" ] # Neutron-gateway relations - - [ "neutron-gateway", "nova-cloud-controller" ] + - [ "neutron-gateway:quantum-network-service", "nova-cloud-controller:quantum-network-service" ] - [ "neutron-gateway:amqp", "rabbitmq-server:amqp" ] - [ "neutron-gateway:neutron-plugin-api", "neutron-api:neutron-plugin-api" ] - [ "neutron-gateway:juju-info", "ntp:juju-info" ] # Neutron-openvswitch relations - [ "neutron-openvswitch:amqp" , "rabbitmq-server:amqp" ] - - [ "neutron-openvswitch" , "neutron-api" ] - - [ "neutron-openvswitch" , "nova-compute" ] + - [ "neutron-openvswitch:neutron-plugin-api" , "neutron-api:neutron-plugin-api" ] + - [ "neutron-openvswitch:neutron-plugin" , "nova-compute:neutron-plugin" ] # vault stuff - [ "vault:shared-db", "vault-mysql-router:shared-db" ] 
@@ -1526,95 +1507,95 @@ relations: - [ "grafana:dashboards", "telegraf-prometheus:dashboards" ] # LMA/landscape subordinates - - [ "nova-compute", "filebeat" ] - - [ "nova-compute", "telegraf" ] - - [ "nova-compute", "nrpe-host" ] - - [ "nova-compute", "landscape-client" ] + - [ "nova-compute:juju-info", "filebeat:beats-host" ] + - [ "nova-compute:juju-info", "telegraf:juju-info" ] + - [ "nova-compute:nrpe-external-master", "nrpe-host:nrpe-external-master" ] + - [ "nova-compute:juju-info", "landscape-client:container" ] - - [ "neutron-gateway", "filebeat" ] - - [ "neutron-gateway", "telegraf" ] - - [ "neutron-gateway", "nrpe-host" ] - - [ "neutron-gateway", "landscape-client" ] + - [ "neutron-gateway:juju-info", "filebeat:beats-host" ] + - [ "neutron-gateway:juju-info", "telegraf:juju-info" ] + - [ "neutron-gateway:nrpe-external-master", "nrpe-host:nrpe-external-master" ] + - [ "neutron-gateway:juju-info", "landscape-client:container" ] - - [ "keystone", "filebeat" ] - - [ "keystone", "telegraf" ] - - [ "keystone", "nrpe-container" ] - - [ "keystone", "landscape-client" ] + - [ "keystone:juju-info", "filebeat:beats-host" ] + - [ "keystone:juju-info", "telegraf:juju-info" ] + - [ "keystone:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "keystone:juju-info", "landscape-client:container" ] - - [ "glance", "filebeat" ] - - [ "glance", "telegraf" ] - - [ "glance", "nrpe-container" ] - - [ "glance", "landscape-client" ] + - [ "glance:juju-info", "filebeat:beats-host" ] + - [ "glance:juju-info", "telegraf:juju-info" ] + - [ "glance:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "glance:juju-info", "landscape-client:container" ] - - [ "cinder", "filebeat" ] - - [ "cinder", "telegraf" ] - - [ "cinder", "nrpe-container" ] - - [ "cinder", "landscape-client" ] + - [ "cinder:juju-info", "filebeat:beats-host" ] + - [ "cinder:juju-info", "telegraf:juju-info" ] + - [ "cinder:nrpe-external-master", "nrpe-container:nrpe-external-master" ] 
+ - [ "cinder:juju-info", "landscape-client:container" ] -# - [ "cinder2", "filebeat" ] -# - [ "cinder2", "telegraf" ] -# - [ "cinder2", "nrpe-container" ] -# - [ "cinder2", "landscape-client" ] +# - [ "cinder2:juju-info", "filebeat:beats-host" ] +# - [ "cinder2:juju-info", "telegraf:juju-info" ] +# - [ "cinder2:nrpe-external-master", "nrpe-container:nrpe-external-master" ] +# - [ "cinder2:juju-info", "landscape-client:container" ] - - [ "heat", "filebeat" ] - - [ "heat", "telegraf" ] - - [ "heat", "nrpe-container" ] - - [ "heat", "landscape-client" ] + - [ "heat:juju-info", "filebeat:beats-host" ] + - [ "heat:juju-info", "telegraf:juju-info" ] + - [ "heat:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "heat:juju-info", "landscape-client:container" ] - - [ "mysql", "filebeat" ] - - [ "mysql", "telegraf" ] - - [ "mysql", "nrpe-container" ] - - [ "mysql", "landscape-client" ] + - [ "mysql:juju-info", "filebeat:beats-host" ] + - [ "mysql:juju-info", "telegraf:juju-info" ] + - [ "mysql:juju-info", "nrpe-container:general-info" ] + - [ "mysql:juju-info", "landscape-client:container" ] - - [ "ceph-mon", "filebeat" ] - - [ "ceph-mon", "telegraf" ] - - [ "ceph-mon", "nrpe-container" ] - - [ "ceph-mon", "landscape-client" ] + - [ "ceph-mon:juju-info", "filebeat:beats-host" ] + - [ "ceph-mon:juju-info", "telegraf:juju-info" ] + - [ "ceph-mon:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "ceph-mon:juju-info", "landscape-client:container" ] - - [ "neutron-api", "filebeat" ] - - [ "neutron-api", "telegraf" ] - - [ "neutron-api", "nrpe-container" ] - - [ "neutron-api", "landscape-client" ] + - [ "neutron-api:juju-info", "filebeat:beats-host" ] + - [ "neutron-api:juju-info", "telegraf:juju-info" ] + - [ "neutron-api:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "neutron-api:juju-info", "landscape-client:container" ] - - [ "rabbitmq-server", "filebeat" ] - - [ "rabbitmq-server", "telegraf" ] - - [ 
"rabbitmq-server", "nrpe-container" ] - - [ "rabbitmq-server", "landscape-client" ] + - [ "rabbitmq-server:juju-info", "filebeat:beats-host" ] + - [ "rabbitmq-server:juju-info", "telegraf:juju-info" ] + - [ "rabbitmq-server:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "rabbitmq-server:juju-info", "landscape-client:container" ] - - [ "openstack-dashboard", "filebeat" ] - - [ "openstack-dashboard", "telegraf" ] - - [ "openstack-dashboard", "nrpe-container" ] - - [ "openstack-dashboard", "landscape-client" ] + - [ "openstack-dashboard:juju-info", "filebeat:beats-host" ] + - [ "openstack-dashboard:juju-info", "telegraf:juju-info" ] + - [ "openstack-dashboard:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "openstack-dashboard:juju-info", "landscape-client:container" ] - - [ "nova-cloud-controller", "filebeat" ] - - [ "nova-cloud-controller", "telegraf" ] - - [ "nova-cloud-controller", "nrpe-container" ] - - [ "nova-cloud-controller", "landscape-client" ] + - [ "nova-cloud-controller:juju-info", "filebeat:beats-host" ] + - [ "nova-cloud-controller:juju-info", "telegraf:juju-info" ] + - [ "nova-cloud-controller:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ "nova-cloud-controller:juju-info", "landscape-client:container" ] - - [ "gnocchi", "filebeat" ] - - [ "gnocchi", "telegraf" ] - - [ "gnocchi", "nrpe-container" ] - - [ "gnocchi", "landscape-client" ] + - [ "gnocchi:juju-info", "filebeat:beats-host" ] + - [ "gnocchi:juju-info", "telegraf:juju-info" ] + - [ "gnocchi:juju-info", "nrpe-container:general-info" ] + - [ "gnocchi:juju-info", "landscape-client:container" ] - - [ "ceilometer", "filebeat" ] - - [ "ceilometer", "telegraf" ] - - [ "ceilometer", "nrpe-container" ] - - [ "ceilometer", "landscape-client" ] + - [ "ceilometer:juju-info", "filebeat:beats-host" ] + - [ "ceilometer:juju-info", "telegraf:juju-info" ] + - [ "ceilometer:nrpe-external-master", "nrpe-container:nrpe-external-master" ] + - [ 
"ceilometer:juju-info", "landscape-client:container" ] - - [ "aodh", "filebeat" ] - - [ "aodh", "telegraf" ] - - [ "aodh", "landscape-client" ] - - [ "aodh", "nrpe-container" ] + - [ "aodh:juju-info", "filebeat:beats-host" ] + - [ "aodh:juju-info", "telegraf:juju-info" ] + - [ "aodh:juju-info", "nrpe-container:general-info" ] + - [ "aodh:juju-info", "landscape-client:container" ] - - [ "placement", "filebeat" ] - - [ "placement", "telegraf" ] - - [ "placement", "landscape-client" ] - - [ "placement", "nrpe-container" ] + - [ "placement:juju-info", "filebeat:beats-host" ] + - [ "placement:juju-info", "telegraf:juju-info" ] + - [ "placement:juju-info", "nrpe-container:general-info" ] + - [ "placement:juju-info", "landscape-client:container" ] - - [ "juniper-server", "telegraf" ] - - [ "juniper-server", "filebeat" ] - - [ "juniper-server", "landscape-client" ] - - [ "juniper-server", "nrpe-host" ] + - [ "juniper-server:juju-info", "filebeat:beats-host" ] + - [ "juniper-server:juju-info", "telegraf:juju-info" ] + - [ "juniper-server:juju-info", "landscape-client:container" ] + - [ "juniper-server:juju-info", "nrpe-host:general-info" ] - [ "hacluster-aodh:nrpe-external-master", "nrpe-container:nrpe-external-master" ] - [ "hacluster-cinder:nrpe-external-master", "nrpe-container:nrpe-external-master" ] @@ -1656,6 +1637,3 @@ relations: - [ "landscape-server:amqp", "landscape-rabbitmq-server:amqp" ] - [ "landscape-server:website", "landscape-haproxy:reverseproxy" ] - [ "landscape-server:db", "landscape-postgresql:db-admin" ] - - - diff --git a/config/juju-model-default-cis-bionic.yaml b/config/juju-model-default-cis-bionic.yaml deleted file mode 100644 index a69e05f..0000000 --- a/config/juju-model-default-cis-bionic.yaml +++ /dev/null 
@@ -1,89 +0,0 @@ -cloudinit-userdata: | - packages: - - squashfuse - - libopenscap8 - write_files: - - owner: root:root - path: /root/99-post-juju.yaml - permissions: '0644' - content: | - network: - version: 2 - ethernets: - ens3: - link-local: [] - ens4: - link-local: [] - ens5: - link-local: [] - ens6: - link-local: [] - ens7: - link-local: [] - ens8: - link-local: [] - ens9: - link-local: [] - - owner: root:root - path: /tmp/cis-hardening.conf - permissions: '0644' - content: | - # Hash created by grub-mkpasswd-pbkdf2 to set grub password. If empty, grub password - # is not set. - # (CIS rule 1.4.2) - grub_hash= - # Grub user set for authentication - grub_user=root - - # Time synchronization service selected (ntp or chrony - if empty, none will be installed) - # (CIS rule 2.2.1.1-2.2.1.3) - time_sync_svc= - time_sync_addr= - - # Audit log storage size, before log is automatically rotated - # (CIS rule 4.1.1.1) - max_log_file=8 - - # Remote log host address (CIS rule 4.2.2.4) - # Use the format loghost.example.com:554, to define the port - remote_log_server= - - # SSH access limitation parameters at /etc/ssh/sshd_config (CIS rule 5.2.14) - AllowUsers=ubuntu - AllowGroups= - DenyUsers= - DenyGroups= - - # PAM password quality parameters at /etc/security/pwquality.conf (CIS rule 5.3.1) - minlen=14 - dcredit=-1 - ucredit=-1 - ocredit=-1 - lcredit=-1 - - # sudo group members, aside from root (CIS rule 5.6) - sudo_member= - - # Unowned files will be changed to this user (CIS rule 6.1.11) - unowned_user=root - # Ungrouped files will be changed to this user (CIS rule 6.1.12) - unowned_group=root - - # Delete files in the home directory which violate CIS rules (CIS rules 6.2.11, 6.2.12, 6.2.14) - delete_user_files=true - preruncmd: - - locale-gen en_GB.UTF-8; update-locale - - wget -qO - http://192.168.1.12/keys/security-benchmarks.asc | sudo apt-key add - - - sudo add-apt-repository "deb 
http://192.168.1.12/private-ppa.launchpad.net/ubuntu-advantage/security-benchmarks/ubuntu bionic main" - - sudo apt update - - sudo DEBIAN_FRONTEND=noninteractive apt install -y -q usg-cisbenchmark - - cd /usr/share/ubuntu-scap-security-guides/cis-hardening; sudo ./Canonical_Ubuntu_18.04_CIS-harden.sh -f /tmp/cis-hardening.conf lvl2_server - # remove auditd as added by Hardening script but is not supported on containers - - "systemd-detect-virt --container && apt purge -y auditd" - - "systemd-detect-virt --container && rm -rf /root/99-post-juju.yaml" - - "! systemd-detect-virt --container && mv /root/99-post-juju.yaml /etc/netplan/99-post-juju.yaml" - - "! systemd-detect-virt --container && sudo lxc profile set default security.nesting true" - - sudo netplan apply - -default-series: "bionic" -apt-mirror: http://192.168.1.12/archive.ubuntu.com/ubuntu diff --git a/config/juju-model-default-cis-focal.yaml b/config/juju-model-default-cis.yaml similarity index 98% rename from config/juju-model-default-cis-focal.yaml rename to config/juju-model-default-cis.yaml index 65e5bbd..ff3473c 100644 --- a/config/juju-model-default-cis-focal.yaml +++ b/config/juju-model-default-cis.yaml @@ -149,6 +149,5 @@ cloudinit-userdata: | commands: "00": systemctl restart snapd -default-series: "focal" -#apt-mirror: http://192.168.1.12/archive.ubuntu.com/ubuntu +apt-mirror: http://192.168.1.12/archive.ubuntu.com/ubuntu lxd-snap-channel: "4.19/stable" diff --git a/config/juju-model-default.yaml b/config/juju-model-default.yaml index ea3f992..f68ade9 100644 --- a/config/juju-model-default.yaml +++ b/config/juju-model-default.yaml @@ -1,4 +1,8 @@ cloudinit-userdata: | + apt: + primary: + - arches: [amd64] + uri: http://192.168.1.12/archive.ubuntu.com/ubuntu write_files: - owner: root:root path: /root/99-post-juju.yaml 
@@ -27,6 +31,12 @@ cloudinit-userdata: | - "! systemd-detect-virt --container && mv /root/99-post-juju.yaml /etc/netplan/99-post-juju.yaml" - "! systemd-detect-virt --container && sudo lxc profile set default security.nesting true" - sudo netplan apply + snap: + commands: + "00": systemctl restart snapd -default-series: "bionic" apt-mirror: http://192.168.1.12/archive.ubuntu.com/ubuntu +lxd-snap-channel: "4.19/stable" + +container-image-metadata-url: "http://192.168.1.12/lxd/" +container-image-stream: released diff --git a/config/juju_deploy_focal.sh b/config/juju_deploy_focal.sh index ae1886b..cb7fed6 100755 --- a/config/juju_deploy_focal.sh +++ b/config/juju_deploy_focal.sh @@ -2,7 +2,9 @@ series=focal -juju model-config juju-model-default-cis-${series}.yaml +juju model-config juju-model-default.yaml + +juju model-config default-series=${series} juju deploy ./bundle_${series}.yaml \ --overlay ./overlays/ovs.yaml \ diff --git a/config/overlays/ldap.yaml b/config/overlays/ldap.yaml index 6bb018a..49e9cda 100644 --- a/config/overlays/ldap.yaml +++ b/config/overlays/ldap.yaml @@ -104,6 +104,6 @@ applications: } relations: - - [ "keystone", "keystone-ldap-domain1" ] - - [ "keystone", "keystone-ldap-domain2" ] - - [ "keystone", "keystone-ldap-domain3" ] + - [ "keystone:domain-backend", "keystone-ldap-domain1:domain-backend" ] + - [ "keystone:domain-backend", "keystone-ldap-domain2:domain-backend" ] + - [ "keystone:domain-backend", "keystone-ldap-domain3:domain-backend" ] diff --git a/config/overlays/openstack_versioned_overlay_focal.yaml b/config/overlays/openstack_versioned_overlay_focal.yaml index bec919d..7f62176 100644 --- a/config/overlays/openstack_versioned_overlay_focal.yaml +++ b/config/overlays/openstack_versioned_overlay_focal.yaml 
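Review bot: `container-image-metadata-url: "http://192.168.1.12/lxd/"` in config/juju-model-default.yaml makes every LXD container in the model start from whatever image metadata that plain-HTTP endpoint, or anything on the path to it, returns. APT verifies repository signatures for the `uri:` and `apt-mirror` entries in this file, but whether the image metadata served here is signed and checked is not visible in this patch. Serving the mirror over HTTPS would close the gap; failing that, the trust assumption deserves a comment such as `# internal mirror: container images are only as trustworthy as this host and the network path to it`. `lxd-snap-channel: "4.19/stable"` also appears to pin a feature-release track rather than an LTS one, so a comment saying when the pin should be revisited would help.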
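Review bot: `juju model-config juju-model-default.yaml` in config/juju_deploy_focal.sh replaces the CIS variant, so a focal deployment through this script no longer applies the renamed config/juju-model-default-cis.yaml. That file presumably still carries the hardening steps, as the deleted bionic variant did. If taking CIS hardening out of the default path is intended, the script should say so above the line, e.g. `# CIS profile is opt-in: pass juju-model-default-cis.yaml for hardened deployments`; otherwise the script should point at `juju-model-default-cis.yaml`. The new `juju model-config default-series=${series}` is also better written with the argument quoted, `"default-series=${series}"`. The script continues past the end of the hunk.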
@@ -23,6 +23,8 @@ applications: # charm: cs:cinder-310 cinder-ceph: charm: cs:cinder-ceph-262 # upgrade to support availability-zone specification + controller-server: + charm: cs:ubuntu-18 easyrsa: charm: cs:~containers/easyrsa-408 elasticsearch: @@ -71,6 +73,8 @@ applications: charm: cs:hacluster-76 heat: charm: cs:heat-283 + juniper-server: + charm: cs:ubuntu-18 keystone-ldap-domain1: charm: cs:keystone-ldap-35 keystone-ldap-domain2: @@ -81,6 +85,8 @@ applications: charm: cs:keystone-323 landscape-client: charm: cs:landscape-client-35 + landscape-client-bionic: + charm: cs:landscape-client-35 landscape-haproxy: charm: cs:haproxy-61 landscape-postgresql: @@ -89,6 +95,12 @@ applications: charm: cs:~openstack-charmers-next/rabbitmq-server-438 # attempted fix for LP#1939702 landscape-server: charm: cs:landscape-server-39 + ldap-domain1: + charm: cs:~openstack-charmers/ldap-test-fixture-4 + ldap-domain2: + charm: cs:~openstack-charmers/ldap-test-fixture-4 + ldap-domain3: + charm: cs:~openstack-charmers/ldap-test-fixture-4 # lldpd: # charm: cs:lldpd-9 memcached:
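Review bot: The last hunk of config/overlays/openstack_versioned_overlay_focal.yaml pins `ldap-domain1`, `ldap-domain2` and `ldap-domain3` to `cs:~openstack-charmers/ldap-test-fixture-4`, which by its name is a test fixture rather than a directory service intended for real accounts. The ldap.yaml hunk in this patch relates keystone to `keystone-ldap-domain1` through `keystone-ldap-domain3`, so these fixtures presumably end up backing the identity domains. If the overlay is only ever used in a lab, a comment above the three entries would make that explicit, e.g. `# lab only: LDAP test fixture, replace with the site directory before any real use`. If it can reach other environments, the fixtures belong in a separate, clearly named overlay.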