Command 'expose'

See also: unexpose

Summary

Makes an application publicly available over the network.

Usage

juju expose [options] <application name>

Options

Details

Adjusts the firewall rules and any relevant security mechanisms of the cloud to allow public access to the application.

If no additional options are specified, the command will, by default, allow access from 0.0.0.0/0 to all ports opened by the application. For example, to expose all ports opened by apache2, you can run:

juju expose apache2

The --endpoints option may be used to restrict the effect of this command to the list of ports opened for a comma-delimited list of endpoints. For instance, to only expose the ports opened by apache2 for the “www” endpoint, you can run:

juju expose apache2 --endpoints www

To make the selected set of ports accessible by specific CIDRs, the --to-cidrs option may be used with a comma-delimited list of CIDR values. For example:

juju expose apache2 --to-cidrs 10.0.0.0/24,192.168.1.0/24

To make the selected set of ports accessible by specific spaces, the --to-spaces option may be used with a comma-delimited list of space names. For example:

juju expose apache2 --to-spaces public

All of the above options can be combined together. In addition, multiple “juju expose” invocations can be used to specify granular expose rules for different endpoints. For example, to allow access to all opened apache ports from 0.0.0.0/0 but restrict access to any port opened for the “logs” endpoint to CIDR 10.0.0.0/24 you can run:

juju expose apache2 juju expose apache2 --endpoints logs --to-cidrs 10.0.0.0/24

Each “juju expose” invocation always overwrites any previous expose rule for the same endpoint name. For example, running the following commands instruct juju to only allow access to ports opened for the “logs” endpoint from CIDR 192.168.0.0/24.

juju expose apache2 --endpoints logs --to-cidrs 10.0.0.0/24 juju expose apache2 --endpoints logs --to-cidrs 192.168.0.0/24

---