Comment 5 for bug 1614010

Andrew Wilkins (axwalk) wrote :

> Further discussions sparked interesting possibilities when/if we'd allow users to register the same controller on the same client more than once under a different controller name. For example, a context switch between a controller based on a name might also escalate or reduce user privileges.

I'm happy for the client to support registering a controller twice. It did originally, and then was crippled by others who insisted that it would lead to bugs. I really doubt that, although it's hard to say for sure, since it was crippled...

FWIW, however, I don't think using multiple controller definitions just to change users is sensible. You would have to maintain two identical (but independent) controller definitions (IP addresses, CA cert, etc.). We already have "accounts"; if we want to support quick switching between users, then we should look for a way to safely have multiple users/accounts/logins active for a controller.

An analogy of "sudo" was given (offline), which I don't think holds much water. It's more like having two ssh_config definitions, for the same host, with only the user differing. Need to change the host IP? Go and update two separate config entries. That's not ideal.

> 5. Optionally...
Although we have 'juju unregister', it might also be worthwhile to clean up the client on 'juju destroy-controller', i.e. find all controllers on this client with the same uuid that we want to destroy.

We already do that.